Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- This code reads arbitrary file contents from a local path and sends them to a user-supplied remote endpoint with no validation, allowlisting, confirmation, or disclosure. In an agent-skill context, that creates a clear exfiltration primitive: a caller can cause sensitive local data to be transmitted off-host, making the skill materially more dangerous than a normal utility script.
