Context-Inappropriate Capability
Medium
- Confidence
- 92% confidence
- Finding
- The skill explicitly instructs invoking an external CLI via shell and describes scenarios where that subprocess can directly perform broad project modifications. This expands the agent's effective authority from advisory coding assistance into delegated code execution and file mutation, increasing the chance of unintended edits, unsafe shell actions, or misuse of project access beyond what a user may expect from the manifest description.
