tools-1password-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt includes explicit examples that place tokens and API keys directly in commands/output (e.g., export OP_SERVICE_ACCOUNT_TOKEN="ops_...", op signin --raw, op item create api-key=sk-xxx..., JSON exports and jq extraction), which would require an agent to handle or reproduce secret values verbatim and therefore poses a high exfiltration risk.