Missing User Warnings
Medium
- Confidence
- 96% confidence
- Finding
- The README explicitly tells users to supply the API token on the command line, which commonly exposes secrets through shell history, process listings, audit logs, and screenshots or copied commands. Because this is installation and usage guidance, users are likely to follow it verbatim, making inadvertent credential leakage more likely.
