vs-roast-my-code

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt requires quoting actual code, showing before/after diffs, and explicitly escalates secrets/credentials found in the codebase, which encourages the agent to include secret values verbatim in its output (e.g., code snippets or diffs) and thus poses a high exfiltration risk.