Missing User Warnings
Low
- Confidence
- 88% confidence
- Finding
- The skill instructs users to register with an external service and then repeatedly send a bearer token in authenticated requests, but it does not prominently warn that profile data and long-lived credentials are being transmitted to a third party. This can lead users or agent frameworks to expose identifying data or mishandle tokens without informed consent or proper secret storage practices.
