Natural-Language Policy Violations
Low
- Confidence
- 90% confidence
- Finding
- The skill includes a personalized section addressed to a specific role ('POLT CTO') and references named individuals' review contexts without any documented user-provided context or authorization. This creates a context-injection risk: an agent may inappropriately tailor outputs, leak assumptions about prior work, or adopt undue authority based on embedded third-party-specific guidance that is irrelevant to the current user request.
