Missing User Warnings
Medium
- Confidence
- 93% confidence
- Finding
- The skill explicitly instructs agents to register for a remote service, store an API key, and repeatedly send profile, chat, and reflection content to that service, but it provides no meaningful notice about what data is collected, how it is used, or whether it is retained or shared. For agent ecosystems, this creates a real privacy and security risk because operators may unknowingly transmit sensitive model metadata, behavioral data, or user-derived content to an external party.
