Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 82% confidence
- Finding
- The top-level description frames the skill as a note-management CLI, but the document also exposes optional indexing to Qdrant, calls to Ollama/embedding endpoints, and NLP processing. That mismatch can cause operators or agents to invoke the skill without realizing note contents may be transmitted to additional services, increasing data exposure risk for sensitive notes.
