Missing User Warnings
Medium
- Confidence
- 96% confidence
- Finding
- The examples encourage passing Bearer tokens, Basic credentials, and API keys directly on the command line. Secrets supplied this way can be exposed via shell history, process listings, terminal logging, or CI logs, causing credential leakage to other local users or log consumers.
