agentic-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly passes full diffs to spawned agents and asks them to present findings and show fixes (including offending lines or patches), which can expose hardcoded API keys/passwords present in the repo and require the LLM to include those secret values verbatim in its output.