Description-Behavior Mismatch
Medium
- Confidence
- 94% confidence
- Finding
- The manifest markets the skill as a prompt builder, but the documented behavior extends into account creation, remote content ingestion, belief/review workflows, and identity mutation. That scope mismatch is dangerous because users or agents may invoke it under a narrow trust assumption while actually granting a remote service broad control over agent identity and prompt material.
