caveman-compress

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill instructs the agent/CLI to read user files and "preserve EXACTLY" code blocks, inline code, URLs, file paths and environment variables while calling Claude to compress — so any secrets present in those regions would be sent to the LLM and reproduced verbatim (no redaction), creating a high exfiltration risk.