fpf-core

Fail

Audited by Snyk on Mar 1, 2026

Risk Level: HIGH
Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 0.80). The prompt requires the agent to write a session_id value verbatim into a sentinel file (session_id=<CLAUDE_SESSION_ID>), which forces inclusion of a secret-like token in generated output and thus poses an exfiltration risk.

Audit Metadata

Risk Level: HIGH
Analyzed: Mar 1, 2026, 07:14 PM