Missing User Warnings
Medium
- Confidence
- 90% confidence
- Finding
- The skill explicitly guides an agent to send AI-generated content to an external service, including authenticated publishing and updating, but it does not instruct the agent to obtain explicit user consent or warn that data will leave the current environment. This creates a real risk of unintended disclosure of sensitive prompts, generated documents, images, or account-scoped content to Nishare.
