cmd-codex-review-plan

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill explicitly requires the agent to write and pass the plan "verbatim" into a tempfile and stdin to an external tool (codex exec), so if the plan contains API keys/passwords/cookies the agent would be forced to reproduce and transmit those secret values verbatim to another process — an exfiltration risk.