Context-Inappropriate Capability
Medium
- Confidence
- 91% confidence
- Finding
- The skill conditionally reads provider API keys from the environment and performs outbound calls to OpenAI or Anthropic, but the provided context includes no manifest, consent flow, or disclosure establishing that external network access and credential use are expected. In an agent-skill setting, silent use of ambient credentials expands trust boundaries and can route user-derived data to third parties without explicit approval.
