docs-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly instructs embedding a full session identifier (CLAUDE_SESSION_ID) into command invocations, generated file paths, and frontmatter—requiring the agent to output that session token verbatim, which is equivalent to exposing a secret/session credential.