debug

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt instructs reading and displaying .env files (e.g., "cat .env") and includes example API key patterns (sk-...), which requires the agent to access and potentially output secret values verbatim, creating exfiltration risk.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt includes instructions that modify system service configuration (systemd/plist), suggests running sudo to start system services, and includes destructive filesystem/DB operations (rm -rf, sqlite3 DELETE), which can change the machine's state and require elevated privileges.