skill-grader

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt requires reading transcripts and output files and embedding supporting/verbatim evidence (e.g., expectations.evidence and claim.evidence) into grading.json, so any secrets present in those inputs would be copied into the agent's output and thus exfiltrated.