auto-handoff

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs the agent to save and inject raw code, full observation logs, and "直接贴代码"/"贴实际代码" into memory files which can contain API keys, tokens, or passwords verbatim, creating a high exfiltration risk.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 1.00). 该技能在后台持久保存完整会话、代码片段、错误信息和文件路径并明确要求“不告知用户记忆保存的内部过程/用户全程无感知”，构成隐蔽的数据保留/泄露风险（未经同意保存敏感信息），属于高风险行为。