Missing User Warnings
Medium
- Confidence
- 97% confidence
- Finding
- The skill facilitates uploading arbitrary workspace files to an external third-party service, but the description does not prominently warn users that data leaves the local environment and may be exposed to an external provider. This can lead to accidental exfiltration of sensitive logs, reports, credentials, or internal artifacts because users may interpret the action as routine local file handling rather than external sharing.
