Context-Inappropriate Capability
High
- Confidence
- 98% confidence
- Finding
- The skill is described as browser automation, but it explicitly exposes `browser-use python` for arbitrary persistent Python execution. That materially expands capability from controlled browser interaction to general code execution, which can enable filesystem access, process execution, secret access, or chaining with browser state in ways users and policy controls may not expect.
