Intent-Code Divergence
Medium
- Confidence
- 94% confidence
- Finding
- The code explicitly deletes HTTP(S)_PROXY environment variables process-wide immediately before performing an authenticated API request, despite the comment claiming it honors local proxy preferences. In a deployment skill that operates on cloud infrastructure, this can bypass enterprise egress controls, logging, DLP, and security inspection that rely on proxies, and it can also change network behavior for subsequent code in the same process.
