Context-Inappropriate Capability
Medium
- Confidence
- 98% confidence
- Finding
- The skill repeatedly instructs agents to read a long-lived OAuth token from a local credentials file and inject it into commands for routine operation. That expands the skill from setup guidance into credential-access behavior, normalizes secret handling by agents, and increases the chance of credential disclosure through logs, inherited environments, or downstream tooling.
