Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The remote port forwarding examples show how to expose a local service on a remote host, including binding to 0.0.0.0, but they do not clearly warn that this can make a local development or admin service reachable by other remote-network users. In an SSH tunneling skill this is legitimate functionality, but omission of an explicit exposure warning can lead users to unintentionally publish sensitive local services.
