Why does the skill have so many allowed-tools?

[nimirium]

plugins/babysitter/commands/call.md has this line:

allowed-tools: Read, Grep, Write, Task, Bash, Edit, Grep, Glob, WebFetch, WebSearch, Search, AskUserQuestion, TodoWrite, TodoRead, BashOutput, Skill, KillShell, MultiEdit, LS

I want to use babysitter but I feel like I should decide for myself what tools I allow. This list feels prone to vulnerabilities like prompt injection.
For example, the mix between unlimited WebSearch, Read and WebFetch feels unsafe.
One prompt injection from an auto-approved WebSearch on a random webpage, and babysitter will Read my files and WebFetch them to an attacker's API.

[epifeny]

Sounds like you're on to something. This is OSS, so you could fork it and propose a PR...