hook

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill reads and displays user config, hook command/prompts, and logs from ~/.claude/* (including settings.json and hook contents) and outputs those contents verbatim, which can expose API keys, tokens, or passwords if present.