The issue "Hard-coded credentials are security-sensitive" represents a major vulnerability, as embedding usernames, passwords, or tokens directly in the source code can expose systems to unauthorized access if the code is leaked or accessed by an attacker. Using hard-coded credentials increases the risk of credential theft and compromises the security of the application, as these details are often difficult to update and can be easily discovered through reverse engineering.
https://rules.sonarsource.com/kotlin/RSPEC-2068/