meticulous-cli-download

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt documents and exemplifies passing an API token directly via a --apiToken=/--apiToken=$TOKEN CLI argument (and even requires an API token for one command), which encourages the agent to insert secret values verbatim into generated commands and thus poses a high exfiltration risk.