Missing User Warnings
Medium
- Confidence
- 89% confidence
- Finding
- The script takes arbitrary user-entered prompts and silently persists them to a local file, which can expose sensitive or proprietary information if users paste credentials, internal data, or personal content. The risk is increased because the behavior is not clearly disclosed before collection, so users may reasonably assume the input is ephemeral.
