encrypt-decrypt-backup

Fail

Audited by Snyk on Mar 14, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly documents and uses command forms that pass passwords as command-line arguments (e.g., -p <password>) and describes accepting passphrases for interactive use, which would require the agent to embed secret values verbatim in generated commands.

MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).

  • Direct money access detected (high risk: 1.00). The skill is explicitly about managing Bitcoin SV wallet backups and private keys using the bitcoin-backup CLI. It names wallet/backup types (WifBackup, OneSatBackup, VaultBackup), handles private keys/ordinals/payment keys, and documents concrete CLI commands (bbackup enc/dec/upg) and password handling. This is a specific crypto/wallet tool (not a generic utility) that can expose or restore key material which directly enables control over funds. Therefore it provides direct financial execution capability.

Audit Metadata
Risk Level: HIGH
Analyzed: Mar 14, 2026, 04:01 PM
Issues: 2