Credential Rotation After a Malicious Skill: Step-by-Step Playbook

Credential Rotation After a Malicious Skill: Step-by-Step Playbook

February 12, 2026 Updated: February 12, 2026 11 min read

If you suspect a malicious skill ran in your environment, assume credentials may be exposed.

This guide is a pragmatic playbook for what to do next.

Step 1: Contain first (stop the bleeding)

Stop running skills immediately.
Disconnect network if you suspect active exfiltration.
Preserve evidence (logs, command history) before cleanup.

Use case: /use-cases/incident-response

Step 2: Identify the credential surface area

List what the skill could have accessed:

.env files and config files
process.env variables
~/.ssh, ~/.aws, cloud SDK config
Git credentials / tokens

Step 3: Rotate in priority order

Rotate the credentials that create the largest blast radius first:

GitHub/GitLab tokens (repo access)
Cloud provider keys (AWS/GCP/Azure)
LLM provider keys (OpenAI/Anthropic/etc.)
Database credentials
Slack/email integrations

Step 4: Revoke sessions and audit access

revoke tokens/sessions in provider dashboards
check recent access logs if available
look for new SSH keys or deploy keys

Step 5: Prevent repeat incidents

After rotation, lock things down:

sandbox by default: /guides/sandbox-setup
no-network default: /guides/network-allowlist
verify skills: /verifier