Missing User Warnings
Medium
- Confidence
- 95% confidence
- Finding
- The skill explicitly instructs users to collect and store personal contact data such as names, emails, phone numbers, LinkedIn URLs, job titles, and meeting notes, but provides no privacy notice, retention guidance, access controls, or handling requirements. In a sales/CRM context this is real risk because the workflow encourages accumulation of prospect PII and business-contact data that could be mishandled, over-retained, or processed without appropriate consent or legal basis.
