tilth

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The tilth prompt instructs the agent to read and return file contents (including dotfiles like .env) and to print full sections/lines, so it can cause the LLM to output environment variables or API keys verbatim, enabling secret exfiltration.