project-memory

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). This skill instructs scanning and ingesting raw agent session logs and recent prompts/responses and then consolidating and writing them verbatim into memory files and summaries (e.g., "last prompt"/"next action"), which can force the LLM to include secrets (API keys, tokens, passwords) present in those logs in its outputs.

CRITICAL E006: Malicious code pattern detected in skill scripts.

• Malicious code pattern detected (high risk: 0.90). This skill and its scanner aggressively read numerous user home and agent state files (session logs, configs, project memories, unknown dotdirs) and consolidate/overwrite project docs or print JSON output, which creates a high risk of deliberate data exfiltration and credential harvesting if abused (it does not itself open network connections or install a remote backdoor, but its design makes sensitive local data easy to capture and persist into repo-accessible files or outputs).