Intent-Code Divergence
Medium
- Confidence
- 89% confidence
- Finding
- The safety section claims all untagged actions are reads, but the only listed action, `convert`, performs an external processing operation on a user-supplied DocSend URL. Misclassifying it as read-only can cause the agent to invoke it without appropriate scrutiny or consent, especially because conversion may transmit sensitive document links and trigger external side effects such as fetching, processing, or generating downloadable artifacts.
