Context-Inappropriate Capability
Medium
- Confidence
- 94% confidence
- Finding
- The skill goes beyond passive evaluation and instructs the agent to modify repositories via git commit and git revert. Even though these actions are framed as part of a 'ratchet' workflow, they create persistent state changes and rollback operations that can alter project history without an explicitly bounded authorization model, making unintended or user-surprising repository mutations possible.
