Intent-Code Divergence
Medium
- Confidence
- 98% confidence
- Finding
- The skill explicitly claims it contains no executable code and is safe for automatic approval, yet it provides concrete instructions and code snippets for storing and executing scripts and for retrieving credentials via a local API token. This is dangerous because the 'safe for automatic approval' framing can reduce scrutiny around a skill whose primary purpose is privileged script execution with limited visibility to the AI reviewer.
