Missing User Warnings
Medium
- Confidence
- 95% confidence
- Finding
- The skill instructs users to extract and handle the `li_at` session cookie, which is effectively a bearer credential for the LinkedIn account. Anyone who obtains this cookie may be able to impersonate the user without needing their password or MFA, so presenting this workflow without a prominent security warning or safer handling guidance creates significant account takeover and privacy risk.
