containerization-rules
Fail
Audited by Snyk on Mar 3, 2026
Risk Level: HIGH
Full Analysis
HIGH W007: Insecure credential handling detected in skill instructions.
- Insecure credential handling detected (high risk: 1.00). The skill's Memory Protocol explicitly instructs the agent to run "cat .claude/context/memory/learnings.md" (and to record memory), which forces printing file contents verbatim and could exfiltrate any secrets stored there.
MEDIUM W013: Attempt to modify system services in skill instructions.
- Attempt to modify system services in skill instructions detected (high risk: 0.70). The skill mandates reading a local memory file and explicitly instructs the agent to "record" new patterns (persistence), which encourages writing to the local filesystem and thus modifying the machine's state even though it doesn't request sudo or privileged system changes.