Missing User Warnings
Medium
- Confidence
- 94% confidence
- Finding
- The skill explicitly documents importing Telegram message text plus rich metadata (group names, sender identifiers, keywords, reply status, and flags) into a vector database, but provides no warning that this may ingest sensitive personal or confidential content. In this context, the omission is security-relevant because vectorized chat archives can become broadly queryable and harder to govern, increasing the risk of privacy leakage, unauthorized retention, or secondary misuse of communications data.
