Context-Inappropriate Capability
Medium
- Confidence
- 81% confidence
- Finding
- The skill instructs the agent to clone and install third-party code from GitHub at runtime, which expands trust to an external repository and introduces supply-chain risk unrelated to merely summarizing a video. In this context, installing software may be functionally useful, but doing so without pinning, verification, or explicit user approval creates a real security boundary crossing.
