skill-system-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill's operations include reading/writing arbitrary config values (config-get returns the raw "value") and constructing CLI commands with "{value}" substitution (config-set/agent run pass-through), which requires embedding secret strings verbatim into commands or JSON output and thus can exfiltrate credentials.