mom-status

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to print the raw output of a local command verbatim with no filtering, so if mom status emits API keys, tokens, cookies, or passwords those secrets would be directly output (exfiltrated) — there are no safeguards to avoid returning sensitive values.