analyze-session

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly fetches and writes full session messages into transcript and report files (and may display them), so any API keys, tokens, or passwords present in those messages would be included verbatim in the agent's output—creating an exfiltration risk.