The problem is not falling, or not in the hands of a user,.. the main problem is the link itself, ...involves a breach of security, should be considered at least as risky, especially is so simple to copy .. . I think that would sit on the pc with a coworker and copy your rss links, in addition, the system never warns about private data included in the rss link, therefore, a dummy user can share this link, without considering the risk.
I discuss this issue with ten or fifteen programmers coworkers, and all believe it is a serious security hole... does anyone think the same?