Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The skill explicitly asks the user to provide a database username and password for direct HTTP querying, but it does not warn against sharing production credentials in chat, recommend scoped or temporary credentials, or explain the privacy and retention risks of transmitting secrets through the agent. In an LLM skill context, requesting raw credentials is especially risky because users may disclose sensitive access that could expose entire ClickHouse clusters if mishandled, logged, or reused beyond the immediate task.
