Missing User Warnings
High
- Confidence
- 98% confidence
- Finding
- The README includes real-looking app credentials and explicitly demonstrates printing access tokens, which creates a strong risk of credential and bearer-token disclosure through source control, logs, terminals, screenshots, or copied command history. In a camera streaming skill, exposed tokens or app secrets could enable unauthorized access to live feeds, playback, or related device APIs.
