Missing User Warnings
Medium
- Confidence
- 88% confidence
- Finding
- The README explicitly promotes use of an external detection API on user-provided text but does not warn that submitted content may leave the local environment and be processed by a third party. In a skill that analyzes arbitrary user text, this can lead to accidental disclosure of sensitive, proprietary, or regulated data because users and deployers may reasonably assume local-only processing unless told otherwise.
