Missing User Warnings
Medium
- Confidence
- 91% confidence
- Finding
- The README instructs users to configure API credentials and send text to a remote iFlytek TTS service, but it does not clearly disclose that the provided text content will be transmitted to a third-party provider for processing. In an agent skill context, users may submit sensitive prompts, documents, or personal data for speech synthesis, so the missing disclosure creates a privacy and compliance risk rather than a code-execution issue.
