Vague Triggers
Medium
- Confidence
- 91% confidence
- Finding
- The trigger list includes very broad phrases such as “帮忙看代码”, “找出问题”, and “代码有问题”, which can cause the skill to activate in situations where the user did not explicitly consent to local code inspection. In this skill’s context, over-triggering is more dangerous because the workflow explicitly requests file paths and reads local files, increasing the chance of unintended access to sensitive source code.
