Context-Inappropriate Capability
Medium
- Confidence
- 88% confidence
- Finding
- The script silently searches ~/.openclaw/openclaw.json for an ACCESS_KEY and uses it for outbound API calls. Auto-discovering credentials from another local tool increases the blast radius of this skill because it can operate with ambient secrets without explicit user consent, which is risky even if the apparent purpose is knowledge-base upload.
