Missing User Warnings
Medium
- Confidence
- 92% confidence
- Finding
- The skill explicitly recommends launching coding agents with high-autonomy flags like `--yolo` or `--full-auto` and demonstrates injecting shell commands into tmux sessions, but it does so without strong safety framing or approval requirements. In an agent setting, this normalizes unattended code execution and repository modification, increasing the chance of destructive changes, misuse of credentials, or execution of unsafe commands in the wrong directory/session.
