Context-Inappropriate Capability
Medium
- Confidence
- 86% confidence
- Finding
- The skill exposes and encourages use of a generic `http_request` capability alongside other ad-analysis tools without constraining allowed domains, methods, or purposes. In an agent setting, this expands the skill from ad intelligence into arbitrary network access, which can enable unintended data exfiltration, SSRF-like behavior against internal services, or retrieval from untrusted endpoints if triggered by adversarial input.
