knowledge-capture

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs the agent to extract and save chat content verbatim into Notion pages (via the Notion MCP) without any redaction or secure-handling steps, so if conversations contain API keys/passwords the LLM would directly include those secret values in its output/storage, creating an exfiltration risk.