Missing User Warnings
Medium
- Confidence
- 89% confidence
- Finding
- The skill instructs users to send profile fields like username, display name, and bio to a third-party service without any warning about privacy, retention, or external data sharing. This can cause users or agents to disclose identifying or sensitive information to an external endpoint without informed consent, especially in agentic environments where such examples may be reused with real data.
