experiment

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt instructs the agent to log and write the user-provided metric command verbatim (e.g., in the baseline log and the experiment report's "Metric: {command}"), so if that command contains embedded credentials or tokens the LLM would output them directly, creating an exfiltration risk.