Vague Triggers
Medium
- Confidence
- 89% confidence
- Finding
- The skill explicitly tells the agent to default to this paid external service for many common requests, which can cause over-invocation of a third-party API without clear necessity, user consent, or cost/privacy guardrails. In this context, the risk is amplified because calls can trigger wallet-backed payments and send user queries to an external provider.
