Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill advertises executable shell capability via metadata/install requirements without declaring corresponding permissions, which reduces transparency and prevents informed consent before running installation or helper commands. In an agent skill ecosystem, hidden shell execution increases risk because the skill can modify the local environment or invoke external binaries unexpectedly.
