amp-api-awareness
Audited by Socket on Feb 16, 2026
1 alert found:
Security [Skill Scanner]: Credential file access detected

The artifact is a local analysis skill that documents how to mine Amp client data with DuckDB to discover undocumented APIs, tool usage, and usage/cost statistics. It contains no executed network exfiltration or code-level backdoors, but it explicitly identifies and encourages ingestion of sensitive local files (including stored API keys and session state) and gives guidance on aggregating them into a portable database. That behavior materially increases the risk of credential harvesting and accidental exfiltration if outputs are exported or scripts use harvested credentials. Recommend treating this as a high-sensitivity forensic tool: restrict secret access by default, add explicit consent prompts, redact or exclude credential-containing fields, encrypt aggregated artifacts, and document safe sharing practices before use.

LLM verification: The material is a local analysis skill for discovering Amp API patterns by reading thread JSONs and running DuckDB/CLI queries. It contains multiple instructions that, if followed, would access highly sensitive local resources (stored API keys, session data, cross-product histories) and suggests interactions (sharing, contacting MCP servers) that could exfiltrate data if combined with network-capable tooling. There is no explicit malicious code in the fragment, no obfuscation, and no direct netw