Missing User Warnings
High
- Confidence
- 97% confidence
- Finding
- The skill explicitly retrieves the active gateway token or password and sends it over WhatsApp, which is an external messaging channel that may expose secrets to unintended recipients, backups, linked devices, or compromised endpoints. The danger is amplified because the transmitted secret is sufficient for manual setup and may enable unauthorized gateway access if intercepted or misdelivered.
