performing-malware-persistence-investigation

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent to extract and print registry values, scheduled-task commands/arguments, WMI strings and file contents into reports (including slicing and direct printing), which means any embedded secrets (API keys, tokens, plaintext passwords, command-line credentials) would be included verbatim in the agent’s output and thus risk exfiltration.