shaping

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt tells the agent to "always capture" user-provided source material verbatim into the frame document, which would cause any secrets the user pastes (API keys, tokens, passwords) to be reproduced in the agent's output and thus creates an exfiltration risk.