1-back working memory test

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill requires the agent to store and explicitly output the prior input item verbatim (the "prior letter" and a match indicator), so if a user supplies an API key/password/cookie as an item it will be echoed and thus can exfiltrate secrets even though the prompt does not explicitly request them.