Context-Inappropriate Capability
Medium
- Confidence
- 95% confidence
- Finding
- The workflow accepts `file_removed` events from remote peers and directly executes `rm -f "$DROPBOX_DIR/$FILENAME"` with no authentication, authorization, origin validation, or path sanitization. In a multi-peer sync skill, remote deletion may be part of the feature set, but implementing it without trust controls or safety checks allows any peer able to publish events to delete local data inside the synchronized folder.
