memory-forensics

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs extracting and printing/exporting credentials (plaintext passwords, NTLM hashes, Kerberos tickets, LSA secrets) from memory, which requires the LLM to handle and output secret values verbatim, posing an exfiltration risk.