adversarial-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The reviewer prompts require quoting "Evidence" from the submitted artifact (line/section/quote), so if the user pastes code, diffs, or configs containing API keys, tokens, or passwords the LLM is instructed to reproduce them verbatim, creating a high exfiltration risk.