session-to-agent

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill ingests full session transcripts and can seed generated prompt.md and exported memory with session facts and commands, so any API keys, tokens, or passwords present in the transcript/memory would be copied verbatim into the agent output—creating a high exfiltration risk.