With download_dir option, the plugin set test result files public-read, which permits non-authorized users to access the files.

Generally test result doesn't include sensitive information but it would be nice if the plugin has option that prevents files from setting public-read ACL.