ai-md

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt explicitly instructs keeping "connection strings (keep exact — NEVER compress facts/credentials/URLs)" and includes sections and commands that read and copy user config files (e.g., ~/.claude/CLAUDE.md, backups), which implies the agent must preserve and potentially emit secret/credential values verbatim — a high exfiltration risk.