Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The README instructs users to pass Feishu recipient identifiers and app credentials on the command line and send content over the network, but it does not warn that these values will be transmitted to external services and may also be exposed locally via shell history or process listings. In a skill that generates promotional material for direct delivery, this omission makes accidental credential mishandling and unintended data disclosure more likely.
