Description-Behavior Mismatch
Medium
- Confidence
- 95% confidence
- Finding
- The skill advertises read-only vault access, but the documented command set goes beyond that scope by including backup, configuration changes, locking/logout, and secret injection features. This mismatch can mislead users and downstream agents into authorizing or invoking operations with broader side effects than the manifest implies, increasing the chance of unsafe handling of sensitive data.
