telegram-reminders

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs embedding real secrets into files and CLI commands (e.g., telegram_config.json and npx convex env set "YOUR_BOT_TOKEN"), which requires the agent to handle and potentially output secret values verbatim, creating exfiltration risk.