Missing User Warnings
Medium
- Confidence
- 81% confidence
- Finding
- The skill explicitly promotes automated credential rotation and unattended CI/CD credential injection, both of which involve highly sensitive secrets and privileged access paths, but it provides no warnings, guardrails, or usage constraints. In a credential-management skill, omission of safety guidance increases the chance of users exposing cloud keys, over-privileging automation, or injecting credentials into insecure environments and logs.
