Context-Inappropriate Capability
Medium
- Confidence
- 95% confidence
- Finding
- The exportTransactions method writes ledger contents to a caller-supplied filePath with no validation or confinement to the skill's workspace. In an agent setting, untrusted prompts or tool invocations could cause sensitive financial records to be written to arbitrary locations, enabling data exfiltration, overwriting of unrelated files, or placement into shared/public directories.
