Context-Inappropriate Capability
Medium
- Confidence
- 96% confidence
- Finding
- The --allow-unsafe flag explicitly permits evaluation of Wolfram expressions containing filesystem, network, and process-control primitives. In a skill advertised as a math-expression evaluator, this creates a dangerous capability escalation path from pure computation to arbitrary side-effecting operations, enabling file access, outbound requests, or command execution if an attacker can influence arguments.
