fyi

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill writes user-provided arguments verbatim into files (and may forward them to oracle_learn()) so if a user supplies API keys/passwords/cookies those secret values will be included in the agent's output/storage, creating an exfiltration risk.