Context-Inappropriate Capability
High
- Confidence
- 98% confidence
- Finding
- The resolver rejects absolute paths but does not prevent relative traversal such as `../`, so an attacker-controlled placeholder can cause reads of files outside the intended workspace. Because the file content is inlined into the output, this can expose secrets, source code, SSH keys, environment files, or other sensitive local data accessible to the process.
