Missing User Warnings
Medium
- Confidence
- 86% confidence
- Finding
- The README advertises optional VirusTotal integration but does not clearly disclose that using this feature may send file hashes, filenames, or other file-derived metadata to a third-party service. In a security-scanning skill, this omission can cause users to expose sensitive project information without informed consent, especially when scanning private or unreleased code.
