openclaw-assets-to-workbuddy

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill explicitly instructs extracting channel credentials (appSecret, botToken, botSecret, token, apiKey, etc.) from OpenClaw and writing them into WorkBuddy settings/automation files and reports, which requires the agent to read and embed secret values verbatim unless additional redaction rules are imposed.