Missing User Warnings
Medium
- Confidence
- 95% confidence
- Finding
- The skill explicitly encourages sharing secrets, configs, logs, diffs, and .env files through a third-party service but does not clearly warn users that this transmits sensitive data off-host to an external provider. Even if the service offers encryption and access controls, users may expose credentials, tokens, internal code, or regulated data through misuse or overtrust in the tool description.
