Context-Inappropriate Capability
Medium
- Confidence
- 91% confidence
- Finding
- The skill goes beyond generating a news briefing and instructs the agent to probe the local environment (`which openclaw`) and potentially configure persistent scheduling via `openclaw` or system `crontab`. That expands scope from content retrieval into local system interaction and persistence, which can create unintended side effects or unauthorized task creation if the skill is auto-invoked or the user did not explicitly consent to system-level scheduling.
