pachca-threads

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs the agent to request a Pachca token from the user and embed it verbatim in CLI commands or environment exports (e.g., --token $PACHCA_TOKEN or export PACHCA_TOKEN=), which requires the LLM to handle secret values directly.