Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The README instructs users to send arbitrary text, markdown, and alert data to a WeCom/WeChat webhook but does not clearly disclose that operational data, error messages, and potentially sensitive content will be transmitted to an external third-party service. This can lead users to unintentionally exfiltrate secrets, internal system details, or personal data through example code and automation workflows, especially in monitoring and scheduled notification scenarios.
