Context-Inappropriate Capability
Medium
- Confidence
- 88% confidence
- Finding
- The skill explicitly instructs use of generic escape hatches (`huly ws` / `huly api`) when the normal CLI surface is insufficient. That expands agent capability from a bounded, documented command set to effectively arbitrary backend operations, which can bypass safer command-specific validation and increase the chance of overbroad or unsafe actions.
