Missing User Warnings
Medium
- Confidence
- 98% confidence
- Finding
- The migration step instructs users to ingest `MEMORY.md` into a persistent memory service without warning that the file may contain secrets, credentials, internal URLs, personal data, or sensitive project history. Persisting that content expands retention and discoverability, increasing the chance of unintended disclosure across sessions or agents.
