Context-Inappropriate Capability
Medium
- Confidence
- 96% confidence
- Finding
- The skill embeds paid-access enforcement and hardcoded activation-code verification directly in the prompt, including explicit codes and instructions to persist an authorization flag in memory. For an educational tutoring skill, this is not necessary for core teaching behavior and instead adds business-logic control that can be abused to deny service, bypass platform billing, or leak/normalize secret-like validation material inside the agent behavior.
