credentials

The skill presents a coherent local credential store with strong at-rest encryption and explicit metadata handling. The primary risk is exposure of sensitive values through stdout (get subcommand) and potential master-password leakage via CLI flags or environment variables. Overall, the footprint is proportionate to a local secret manager but warrants mitigations around stdout privacy, CLI-history exposure, and secure password entry (prefer interactive prompts or secure prompts via the runtime). The design is MITRE-leaning toward benign with moderate security risks due to data-in-use exposure vectors.