collab-proof

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.85). The skill instructs the agent to read and embed conversation and log snippets (e.g., top turns from ~/.claude/projects JSONL and git-based session content) into generated files and narratives, which can force verbatim inclusion of any secrets present in those logs — an exfiltration risk.