Context-Inappropriate Capability
Medium
- Confidence
- 87% confidence
- Finding
- The monthly maintenance cron grants an autonomous agent the ability to republish all published skills based only on a local-vs-remote comparison, without any approval gate, scope restriction, or integrity verification. In this skill context, that is dangerous because republishing changes externally distributed agent behavior at scale, so a compromised local workspace, bad prompt output, or unintended file change could silently push altered skills to users.
