Context-Inappropriate Capability
Medium
- Confidence
- 96% confidence
- Finding
- The skill documentation directs the agent to perform package installation, environment-variable changes, filesystem junction creation, and service restarts, which are system-administration actions well beyond stock analysis. If followed by an agent, these steps could modify the host environment, expand the attack surface, and normalize dangerous privileged operations triggered by ordinary user investment requests.
