idea-queue-capture

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to "preserve full context verbatim" and to include userInputVerbatim in the queue item payload and user-facing outputs (code snippets, JSON, confirmations), so any API keys/passwords provided by a user would be emitted verbatim by the LLM.