Description-Behavior Mismatch
Medium
- Confidence
- 92% confidence
- Finding
- The file instructs the agent to degrade to 'headless CLI children' by writing prompts to files and launching background shell processes. That expands the skill from composition guidance into process spawning and shell orchestration, which increases attack surface and can execute arbitrary prompt-derived work outside the intended contract. In this context, the child prompts may contain untrusted workflow content, so normalizing shell-based execution as a fallback is risky.
