Description-Behavior Mismatch
Medium
- Confidence
- 89% confidence
- Finding
- The manifest says the skill does not do read-only lookups or wallet/account management, yet the workflow includes quote/history queries and setup-time authentication handling. This inconsistency can mislead policy engines and users about what data is accessed and what account-related operations occur, weakening trust and review controls.
