Missing User Warnings
Medium
- Confidence
- 93% confidence
- Finding
- The skill prominently advertises tracking of file changes and git commits, but it does not clearly warn users that repository metadata and activity will be collected and stored. In an agent setting, this can expose sensitive filenames, commit metadata, branch history, or work patterns without informed user consent, especially when the agent is instructed to use the tool automatically.
