Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The documentation explicitly promotes privacy-sensitive mini-program capabilities such as retrieving user info, phone numbers, and privacy authorization, but it does not include clear consent, minimization, retention, or compliance guidance. In a UI guidance skill, this can normalize collection of personal data and lead downstream users to implement sensitive flows without adequate legal or security safeguards.
