Missing User Warnings
Medium
- Confidence
- 97% confidence
- Finding
- The skill instructs the agent to publish conversation-derived documents to a publicly reachable web server and to retain a copy in an archive directory, but it does not require explicit user consent or warn that the content may be publicly accessible and persist after download. This creates a real risk of unintentionally exposing sensitive prompts, credentials, internal architecture details, or personal data derived from the conversation.
