Context-Inappropriate Capability
Medium
- Confidence
- 87% confidence
- Finding
- The skill's stated purpose is a personalized workplace check-in greeter, but it executes another local script discovered via filesystem and environment-derived paths. That creates a trust-boundary violation: if an attacker can place or replace a matching learning_checkin.py in a searched location, this skill will execute arbitrary code under the current user's privileges.
