Description-Behavior Mismatch
Medium
- Confidence: 95%
- Finding: The skill advertises a template-driven RapidAPI client but also exposes a universal direct-call function that forwards attacker-controlled request parameters to the network layer. In this context, that bypasses the action registry and any template-level restrictions, enabling arbitrary outbound requests and turning the skill into a general HTTP proxy when combined with permissive host settings.
