infra-bootstrap

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt explicitly requires the agent to include the failing command and stdout/stderr in responses, which can force the LLM to reproduce secret values verbatim if those commands print credentials or tokens, even though the commands themselves don't embed secrets as arguments.