Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 95% confidence
- Finding
- The skill promises a 'self-contained HTML' report, but the document explicitly states it loads ECharts from a public CDN at view time and also exposes extra behaviors like returning an open command and structured analysis artifacts. This mismatch can mislead users about network isolation and downstream actions, which matters for sensitive data workflows where users may rely on offline or non-networked guarantees.
