Missing User Warnings
Low
- Confidence
- 84% confidence
- Finding
- The documentation explicitly promotes local-only storage and report export but does not warn that usage records, task labels, session IDs, and cost history may still contain sensitive operational metadata written to disk. This can expose prompt intent, workflow names, or business activity to other local users, backups, logs, or accidentally committed files, especially because the default `.tokenwatch/` path may be overlooked.
