planning

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The prompt requires collecting and embedding "witness_evidence" (file:line, codesearch hit, exec output snippet) to mark unknowns as witnessed, which can force the agent to include verbatim file or exec snippets that may contain API keys or secrets and gives no redaction rules—so it creates a high exfiltration risk.