qa

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill sends raw diffs and file contents (git diff / changed files) to Codex for review without instructing redaction, so any secrets present will be included in the model input and may be echoed in its output, creating a high exfiltration risk.