analytic-memo

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly requires quoting the user's original input "一字不改" (verbatim) into the saved memo and dialogue output, so if the user-supplied trigger contains API keys/passwords/cookies those secrets would be reproduced and written out, creating an exfiltration risk.