Context-Inappropriate Capability
Medium
- Confidence
- 95% confidence
- Finding
- The skill explicitly instructs reading local `.env` contents and validating payment credentials, including API keys and private keys, before using the service. Even if this is meant for legitimate setup, it expands the skill from crypto data retrieval into accessing local secret material, which creates unnecessary exposure of sensitive credentials and could lead an agent to retrieve or mishandle secrets far beyond the user’s immediate request.
