pdf-bib-import

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). Insecure: the workflow explicitly records and requires a "base_token" to be inserted as a command-line argument and passed verbatim to lark-cli/subprocess calls, which forces secrets to be handled/output in plaintext on the command line.