Context-Inappropriate Capability
Medium
- Confidence
- 91% confidence
- Finding
- The guide explicitly instructs the agent to suggest using sudo to resolve update failures, introducing a privilege-escalation path that is not necessary for the core purpose of scheduling updates. In a security-sensitive automation context, encouraging elevated execution can turn a routine updater into a mechanism for running package and skill updates with root privileges, increasing the blast radius if any updated component is compromised.
