Missing User Warnings
Low
- Confidence
- 71% confidence
- Finding
- The skill instructs users to export an API key but provides no guidance on keeping the credential secret, avoiding logs, or preventing accidental disclosure. In agent and shell-based environments, users may paste commands into shared terminals, transcripts, or CI logs, increasing the risk of credential exposure and unauthorized API usage.
