Description-Behavior Mismatch
Medium
- Confidence
- 92% confidence
- Finding
- The file documents `authorize-security-group` and `revoke-security-group`, which are state-changing commands that alter network access rather than merely inspect or diagnose ECS state. In a diagnostics skill, including write-capable security group operations expands the skill from observation into infrastructure modification, increasing the risk of accidental exposure, lockout, or misuse if the agent invokes these commands during troubleshooting.
