Missing User Warnings
Medium
- Confidence
- 96% confidence
- Finding
- The skill instructs the agent to automatically create a NeuroPay account and credential set whenever no API key is present, without requiring explicit user confirmation. That can cause unauthorized third-party account creation and unexpected transmission of generated credentials to an external service, which is risky in an autonomous agent context.
