Intent-Code Divergence
Medium
- Confidence
- 94% confidence
- Finding
- The skill explicitly says AK/SK must never be exposed or directly entered, but elsewhere instructs users to pass `--cli-access-key` and `--cli-secret-key` on the command line. Command-line secrets are commonly exposed through shell history, process listings, logs, CI output, and shared transcripts, creating a realistic credential leakage path.
