codex-cli-session

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill reads project/session IDs from files and explicitly instructs the agent to place those session ID strings verbatim into command-line invocations (codex exec resume ""), which requires the LLM to handle and output secret-like values directly, creating exfiltration risk.