sdd-init

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill instructs the agent to read arbitrary user- and project-level files (including home-directory skill files and any referenced files) and then write their contents into a registry file and mem_save content, which would force the LLM to include file contents verbatim — potentially exposing API keys/secrets found there.