Unsafe Defaults
Medium
- Category
- Tool Misuse
- Content
- Optional **`git_head`** short hash of your repo It does **not** include API keys, env vars, or user PII by design. **If you push the repo to GitHub Pages, this JSON can become world-readable.** Agents must **warn the user** before any command that updates the snapshot if a push might follow. ## Declared filesystem scope (least privilege)
- Confidence
- 87% confidence
- Finding
- world-readable
