I can’t think of a situation where this would be useful on a web site except as an attack… you’re unlikely to know the path of average user files on a system since people aren’t robots… thus it would only work for “static” files, like logs and config files… the kind of files likely to have security implications.
A reasonable application is built by people who know they will need to support it, and have built in a means. My router has this option build in, it has a feedback page where it will extract and zip the log files and other pertinent information and send it appropriately, attaching a prompted support ID if needed.
If someone is adhockingly (my new made up word of the day) assuming the install location (remember some people install files to non-standard locations) and assuming the location of log files, the company producing the software needs a lot more support than the user will ever succeed in requesting. (IMHO)
It’s why I don’t keep my secret key in an available directory. It’s also why I secure it with a strong password. Every worthwhile GnuPG how-to mentions these measures. Many say not to put your secret key on any device. Keep it in a safe. Or Yubikey.