vulnerability-scan

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to detect and report hardcoded passwords/API keys and to include vulnerable code snippets and file:line citations, which implies reproducing secret values verbatim in the generated report.