Context-Inappropriate Capability
Medium
- Confidence
- 93% confidence
- Finding
- The skill explicitly instructs the agent to invoke a shell command (`openclaw ntf search`) to retrieve data, which expands the skill from passive summarization into tool-driven system access. Even though the command appears fixed and task-relevant, shell execution increases attack surface because a summarization request can now trigger external command execution and access potentially sensitive notification data.
