Description-Behavior Mismatch
Medium
- Confidence
- 91% confidence
- Finding
- The skill is scoped as local PDF formula extraction, but the documentation expands its effective behavior to support URLs and references the broader authenticated `crawl` workflow. That mismatch can cause users or downstream agents to fetch and transmit remote content to an external service without realizing the skill has network/data-exfiltration behavior beyond local document processing.
