Context-Inappropriate Capability
Medium
- Confidence
- 90% confidence
- Finding
- The script reads KEYAPI_TOKEN not only from the current process environment but also by opening the user's shell profile and extracting a managed block. That is broader host-file access than is necessary for making an API request and creates an unnecessary path for harvesting secrets from local configuration files. In the context of an API client skill, this increases trust requirements and expands the blast radius if the skill is modified or reused maliciously.
