Missing User Warnings
Medium
- Confidence
- 88% confidence
- Finding
- The README encourages a pattern of embedding cloud access credentials directly in source code, even as placeholders, without any warning to use environment variables or a secret manager. In a monitoring skill that connects to DataWorks, this normalizes insecure secret handling and increases the chance that real credentials will later be committed, leaked, or reused unsafely.
