audit-agent-lifecycle

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs writing agents' returned capability text directly into shell commands (e.g., node ... --capabilities 'CAPABILITIES_TEXT'), which would require the LLM to embed any verbatim content (including potential secrets) into generated output/commands.