code-security-auditor

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly requires including "specific code snippet" evidence (file path and line number), so if the analyzed code contains hardcoded API keys, tokens, or passwords the LLM is expected to reproduce them verbatim, creating an exfiltration risk.