Context-Inappropriate Capability
Medium
- Confidence
- 89% confidence
- Finding
- The instruction to open user-supplied links with tools or web access can enable server-side request forgery style behavior, retrieval of internal-only resources, or access to attacker-controlled content that triggers downstream processing. In a resume assistant, fetching arbitrary URLs is not inherently required unless constrained, so the skill context makes unrestricted link access more dangerous rather than less.
