Context-Inappropriate Capability
Medium
- Confidence: 94%
- Finding: Scanning ~/.zshrc, ~/.bashrc, ~/.bash_profile, ~/.profile, and ~/.zprofile to locate an API key accesses broader local user data than is needed for prohibited-word detection. Shell init files often contain unrelated secrets, tokens, aliases, and personal configuration, so this behavior unnecessarily expands the attack surface and may expose sensitive information.
