goal-distill

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill instructs the model to ingest conversation history and repository state and emit a self-contained, paste-ready /goal prompt (and copy it to the clipboard), which can force inclusion of any secret values found in that context verbatim and thus risks exfiltrating credentials.