Debug Mode

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). It requires instrumenting code to log variable states to a file or via fetch (and to read relevant source/data), which will capture and emit any in-memory secrets (API keys, tokens, passwords) verbatim into logs—creating an exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). The skill prescribes covert, persistent instrumentation practices (hardcoded absolute .claude debug logfile, prohibition of stdout, mandatory file-append or POSTing logs, logging variable state including secrets, and persistent region-wrapped hooks) that strongly enable covert data collection/exfiltration and a lasting backdoor-like presence in projects.