Context-Inappropriate Capability
Medium
- Confidence
- 92% confidence
- Finding
- The script prints and returns sensitive connection metadata including a public key, fixed external IP address, connection string, and owner name. In an agent-skill context, this can disclose infrastructure details to unintended consumers, enabling targeting, unauthorized connection attempts, or privacy leakage beyond the stated purpose of merely starting a node.
