config-export

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly reads CLAUDE.md and ai-context/ into the model context and even instructs retaining some content "verbatim" (e.g., project memory table), so if those source files contain API keys, tokens, or passwords the LLM could be forced to reproduce them in the generated outputs, enabling secret exfiltration.