Missing User Warnings
Medium
- Confidence
- 81% confidence
- Finding
- The skill documents sending, receiving, and reading email contents through a third-party REST API but provides no warning that message content, metadata, agent identifiers, and API keys are transmitted to and processed by an external service. In a security-sensitive agent ecosystem, that omission can cause users to unknowingly expose sensitive communications or credentials to an outside provider.
