Context-Inappropriate Capability
Medium
- Confidence
- 95% confidence
- Finding
- The skill instructs operators to record user identity descriptors, feedback, and future needs even though the skill’s stated purpose is multi-round reasoning rather than user management or analytics. This creates unnecessary collection and retention of potentially sensitive user-provided information, increasing privacy and misuse risk without a clear functional justification.
