Missing User Warnings
Medium
- Confidence
- 83% confidence
- Finding
- The skill advertises generating schemas from live running containers but provides no warning that environment variables commonly contain secrets such as API keys, tokens, and database credentials. Encouraging extraction from live systems without safety guidance can lead users to enumerate, copy, or expose sensitive configuration data into reports, logs, or shared artifacts.
