Missing User Warnings
Medium
- Confidence
- 98% confidence
- Finding
- The skill instructs users to store Overleaf credentials or tokens in a plaintext file under the home directory. Even with chmod 600, plaintext secrets can be exposed through backups, logs, misconfigured tooling, endpoint compromise, or accidental disclosure, creating account takeover risk for the Overleaf project and any linked private documents.
