Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The skill explicitly recommends saving and reusing browser session state via local files such as auth.json, but it does not warn that these files can contain sensitive cookies, tokens, or other authentication artifacts. In an agent context, this increases the chance that credentials are persisted insecurely, reused across tasks, or exposed through logs, shared workspaces, or source control.
