Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill advertises and documents extensive shell-script execution, cron setup, log monitoring, and automation, but no explicit permissions are declared. This creates a trust and review gap: users may install a skill with broad execution capability without clear consent or sandbox expectations, increasing the risk of unintended command execution or privileged automation.
