Description-Behavior Mismatch
Medium
- Confidence
- 88% confidence
- Finding
- The manifest frames the skill as team management, but the documentation also covers collecting credentials and configuring external messaging integrations. That scope expansion is security-relevant because users may invoke the skill expecting low-risk org management while it performs broader account-linking actions.
