vscode-chat-audit

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill explicitly instructs recovering and printing full user messages and exporting session text (e.g., "print all user messages", "first 3 user messages", "continuation prompt—ready-to-paste"), which would require reproducing any secrets present in those chats verbatim and thus risks exfiltrating credentials.