recipe-reverse-engineer

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The orchestrator instructs passing step outputs and file contents "as-is" into downstream agent prompts (e.g., Related Files, Primary Files), so hard‑coded secrets in the codebase could be propagated and included verbatim in generated documents or outputs, creating an exfiltration risk.