Context-Inappropriate Capability
Medium
- Confidence
- 90% confidence
- Finding
- This guide instructs the agent to persist externally supplied credentials into long-lived environment files such as shell profiles and .env files, expanding the skill from SOP extraction into credential management and system configuration. In the context of a skill generator, that capability is broader than necessary and can normalize collection and storage of sensitive secrets, increasing the chance of credential mishandling or abuse if reused by generated skills.
