Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 82% confidence
- Finding
- The skill declares shell-capable execution through its documented use of curl and a submission script, but there is no explicit permission declaration or guardrail metadata indicating that shell/network execution is constrained. This can lead to agents invoking external commands in environments where such capabilities were not transparently disclosed or policy-gated, increasing the risk of unintended command execution and data transfer.
