kage-bunshin

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to capture and return raw tmux pane output (e.g., the monitor's JSON "content" field and read/subcommand output), which can contain API keys, tokens, or other secrets inherited from configs or session output and therefore requires the LLM to include secret values verbatim.