configure

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly accepts a Discord bot token as an argument and instructs the agent to write that exact token into a file (and potentially construct file-writing/confirmation commands), so the LLM will receive and may need to emit the secret verbatim — creating a high exfiltration risk despite masked status displays.