Description-Behavior Mismatch
Medium
- Confidence
- 92% confidence
- Finding
- The description does not disclose that the skill can create and perform cracking attacks through HashMob attack endpoints. In context, that omission is security-relevant because users may authorize a generic 'interaction' skill without realizing it can drive offensive password-cracking workflows or submit attack progress to a third-party service.
