Vague Triggers
Medium
- Confidence
- 93% confidence
- Finding
- The skill description is extremely broad and can match many ordinary requests about building, launching, or adding auth/database support, causing the agent to invoke a deployment workflow in situations where the user did not clearly ask to publish code or incur external side effects. In this skill's context, that broad trigger is more dangerous because the skill performs networked authenticated actions, can create public URLs, and may lead to billable operations or exposure of unfinished/private applications.
