Missing User Warnings
Medium
- Confidence
- 93% confidence
- Finding
- The provider automatically uploads local media files to DashScope temporary OSS storage for model families that do not accept local files directly, and this happens without an explicit consent gate or prominent warning at the upload point. Even though the upload is necessary for functionality and appears intentional rather than malicious, it can expose sensitive local images or video frames to a third-party cloud service unexpectedly, which is a real privacy and data-handling risk.
