extract-learnings

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). This skill reads project and global files (MEMORY.md, CLAUDE.md, git logs) into agent prompts and emits proposed diffs/old-lines which would cause any secrets present in those files to be ingested by the LLM and potentially printed verbatim in outputs.