Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill exposes shell-capable commands throughout the documentation but does not declare any permissions or execution boundaries. In an agent environment, this can cause the skill to be invoked with broader command-execution capability than users expect, increasing the risk of unintended command execution, package installation, login flows, and filesystem access.
