red-team

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs the agent to ingest and reproduce verbatim sections of a /think brief (embedding them into prosecutor prompts, outputs, and written reports), so if those briefs contain API keys, tokens, or passwords the model will output them, creating an exfiltration risk.