Missing User Warnings
Medium
- Confidence
- 86% confidence
- Finding
- The README explicitly instructs the agent to persist user-uploaded documents and a searchable index on local disk, but it does not mention retention limits, access controls, deletion procedures, or handling of sensitive content. In a knowledge-base skill, this creates a real confidentiality and privacy risk because users may upload proprietary or personal documents that remain stored and retrievable beyond the immediate task.
