bitwarden

Fail

Audited by Snyk on Feb 16, 2026

Risk Level: CRITICAL

Full Analysis

HIGH W007: Insecure credential handling detected in skill instructions.

  • Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs using bw to fetch passwords, notes, and API keys (and even echoing BW_SESSION=$(bw unlock --raw) into .env), which requires reading and outputting secret values verbatim, so the LLM would handle/expose secrets directly.

CRITICAL E006: Malicious code pattern detected in skill scripts.

  • Malicious code pattern detected (high risk: 1.00). This content explicitly instructs how to locate and extract API keys, passwords, and session tokens from a Bitwarden vault (including persisting BW_SESSION), which facilitates credential theft and potential data exfiltration.

Audit Metadata

  • Risk Level: CRITICAL
  • Analyzed: Feb 16, 2026, 12:25 AM