splitwise-cli

The skill mentions saving credentials to a config file and environment variables, which enables potential exfiltration if the agent copies or transmits these credentials without user consent or explicit per-call authorization.