Description-Behavior Mismatch
High
- Confidence
- 96% confidence
- Finding
- The schema claims a market/public API focus, but it also exposes private endpoints for balances, open orders, open positions, and trading actions. This creates a scope mismatch that can mislead downstream agents or users into invoking sensitive authenticated operations they did not expect, increasing the risk of unauthorized account access or fund-impacting actions when credentials are available.
