Context-Inappropriate Capability
Medium
- Confidence
- 94% confidence
- Finding
- The skill's Python snippets invoke `os.system("pip install ...")` at runtime when imports fail, which modifies the host environment and executes network/package-manager operations during a routine photo-organization task. This expands the trust boundary to PyPI and shell execution, creates supply-chain risk, and can unexpectedly alter the user's system without explicit consent.
