migrate

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.80). The skill reads user/local config files and explicitly prints "Resolved defaults" and writes migrated JSON/CONTEXT files containing extracted values, so any secrets contained in those source files would be read and echoed verbatim in the migration preview and outputs (exfiltration risk), even though it doesn't explicitly prompt for API keys.