Missing User Warnings
Medium
- Confidence
- 97% confidence
- Finding
- The skill explicitly directs users to a remote third-party MCP endpoint and supports uploading images and sending prompts, but it does not warn that those inputs will be transmitted to an external service. This creates a privacy and data-handling risk because users may unknowingly send sensitive images, prompts, or generated content to Memesio under that provider's retention, logging, and policy controls.
