earnings-calendar

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill asks users to paste their FMP API key into the session and shows examples that pass the key directly into commands/arguments (e.g., "${API_KEY}" on the command line and storing API_KEY in-session), which requires the LLM to accept and potentially emit secret values verbatim—an insecure exfiltration risk.