Vague Triggers
Medium
- Confidence
- 88% confidence
- Finding
- The trigger language is broad enough to activate on generic requests like checking system status or viewing an overview, which can cause the skill to run in situations where the user did not specifically ask for host-level diagnostics. Because the skill exposes sensitive environment details such as uptime, resource utilization, disk layout, and open ports, over-triggering increases the chance of unintended information disclosure.
