competition-agent-cloud

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly requires preserving prompt snippets, tool arguments, manifests, live mounts, and "final tool args" and to reproduce runtime exploits (including metadata-derived tokens and mounted secrets), which means the agent may need to include secret-bearing strings verbatim in evidence blocks — a high exfiltration risk.