Missing User Warnings
Medium
- Confidence
- 94% confidence
- Finding
- The guide instructs users to pass Access Key material directly on the command line and via environment variables, but does not warn that command-line arguments can be captured in shell history, CI logs, terminal recordings, or process listings. In an agent-driven deployment skill, this is more dangerous because users may copy-paste secrets into automated workflows where logging and audit systems persist them.
