Description-Behavior Mismatch
Medium
- Confidence
- 93% confidence
- Finding
- The manifest describes the skill as structured browser automation, but the documented command set also enables arbitrary JavaScript execution, network interception/mocking, credential/header injection, and persistent session/state handling. That mismatch can cause users or higher-level policy systems to underestimate the privilege and risk of the skill, making unsafe invocation more likely.
