retrospective

Fail

Audited by Snyk on Mar 7, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). This skill explicitly instructs the agent to quote the user's "actual words" and write them verbatim into persistent context files (and to present them for confirmation). If a user ever included API keys, tokens, cookies, or passwords in their messages, the LLM would reproduce and persist those secrets, potentially leading to exfiltration. The explicit confirmation step mitigates this somewhat, but the risk remains high.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 7, 2026, 02:37 AM