Enterprise Knowledge Base Manager

A real exposed provider key could be reused by anyone with the skill package, causing account abuse, cost exposure, or access to provider-side data.

The scan reports hardcoded API secret/token material in multiple code and documentation files, while the registry declares no primary credential or required env vars.

Users may upload confidential enterprise documents believing content never leaves the machine, even though embedding workflows commonly send text to a provider API.

The skill advertises external embedding providers but also claims all data is local and not uploaded to the cloud, which can mislead users about document/query processing.

Private business documents and user queries may be transmitted to an external embedding provider without the user understanding that data flow.

Parsed document content is chunked and passed to an Embedder that the configuration/SKILL describe as DashScope or OpenAI-backed; the provider data boundary is not clearly disclosed.

One agent or user could add, alter, or delete knowledge that other agents later treat as trusted enterprise context.

The design creates persistent shared KB state across skills/agents, with manager write/delete authority and only high-level access-control claims.

A mistaken or over-broad delete request could remove indexed business knowledge.

The skill exposes a document-deletion workflow. It is purpose-aligned, but the visible code does not show confirmation, backup, or rollback.

Future installs may resolve to different dependency versions than the author tested.

The skill uses normal PyPI dependencies for its purpose, but they are not locked to exact versions and the registry source/homepage is unknown.