Missing User Warnings
Medium
- Confidence
- 93% confidence
- Finding
- The skill is designed to collect, process, email, and store sensitive client information including contact details, identity documents, contracts, and payment information, but it provides no privacy notice, consent flow, retention limits, or safeguards around storage and transmission. This creates a real risk of improper handling of personal data, especially because the workflow encourages automation across email and spreadsheet-based CRM systems that may be unsuitable for sensitive records.
