sidequest

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly builds a verbatim context prompt (a summary of the chat and recent state) and injects it into a shell command/claude -p argument, so any secrets present in the conversation or included context would be embedded and output directly, enabling exfiltration.