assign-agent

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly requires reading $CODEX_THREAD_ID and embedding its expanded value verbatim into commands, files, or issue comments, which forces the agent to output an environment-held token (potentially secret) directly.