Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 98% confidence
- Finding
- The skill metadata and description claim Go build/test/lint/format functionality, but the documented behavior is a generic persistent logging and export utility. This mismatch is dangerous because users or higher-level agents may invoke it expecting bounded Go tooling, while it actually captures arbitrary input, stores it long-term, and exposes it through search/export/report features.
