Context-Inappropriate Capability
High
- Confidence
- 98% confidence
- Finding
- The workflow explicitly instructs the agent to help users persistently set the REDFOX_API_KEY in shell startup files or Windows user environment settings. This is dangerous because it drives the agent to modify long-lived system configuration and handle secrets in a way that can expose credentials to other processes, future sessions, shared accounts, or accidental disclosure in terminal history and logs.
