Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill advertises only unit-testing guidance, but the content explicitly references shell commands, file packaging, report generation, and creation of files/scripts without any declared permissions boundary. That mismatch can cause an agent or user to allow filesystem and shell-capable behavior implicitly, increasing the chance of unintended command execution, file modification, or repository changes.
