Missing User Warnings
Medium
- Confidence
- 93% confidence
- Finding
- The skill explicitly states that local files and data sources are read, processed, written to output files, and analyzed by a cloud-hosted model, but it does not provide any user-facing warning, consent step, or data-handling limitation. In this context, the inputs may include reports, SQL query results, knowledge-base content, and other potentially sensitive organizational data, so undisclosed transmission to a cloud model and local persistence create meaningful confidentiality and privacy risk.
