Description-Behavior Mismatch
Medium
- Confidence
- 94% confidence
- Finding
- The README advertises a built-in self-evolution system that can optimize the skill itself, which exceeds the declared scope of generating, rewriting, or reviewing embedded C code. Scope expansion is dangerous because it creates a path for the skill to modify behavior, evaluate itself, or invoke subordinate agents in ways users may not clearly intend, increasing prompt-injection and unauthorized capability risks.
