Context-Inappropriate Capability
Medium
- Confidence
- 94% confidence
- Finding
- The skill requires agents to submit a follow-up email address when reporting newly discovered endpoints to an external service, but that data is not necessary for the core function of discovering or rating MPP endpoints. This creates unnecessary collection and transmission of identifying information, increasing privacy risk and enabling operator-side tracking or correlation of agent activity.
