Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill documentation describes executable scripts and API interactions but does not declare permissions, while static analysis detected shell capability. This creates a transparency and consent problem: a user or orchestrator may invoke code with broader execution/network effects than the skill metadata communicates, increasing the chance of unintended command execution or external data transfer.
