Missing User Warnings
Medium
- Confidence
- 90% confidence
- Finding
- The README instructs users to send campaign content through a paid third-party inbox-testing service and shows use of a live API key format, but it does not clearly warn that email content, seed-test messages, authentication results, and possibly screenshots will be transmitted to an external provider. In this skill context, that omission is more dangerous because agents may automatically process draft campaigns or sensitive outbound content, creating confidentiality, compliance, and vendor-risk exposure before users make an informed decision.
