portable-tools

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs collecting and showing exact credential/token values (e.g., "Tell me: ... BEFORE/AFTER tokens", examples with access tokens, and commands that reveal keychain entries), which requires the agent to receive and output secret values verbatim and thus is an exfiltration risk.