Context-Inappropriate Capability
Medium
- Confidence: 92%
- Finding: The skill exposes a generic `execute_js` capability that will run arbitrary JavaScript in the context of whatever page is open. In a browser automation skill, this bypasses higher-level safety boundaries and can be used to alter page state, exfiltrate DOM data, trigger hidden actions, or interact with sites in ways not covered by the stated purpose.
