Intent-Code Divergence
Medium
- Confidence
- 86% confidence
- Finding
- The helper claims to send an MCP request, but it also writes full request contents to a predictable file under /tmp and launches an external curl process. This creates unintended local data exposure and expands the trust boundary beyond the documented behavior, which is especially risky for financial/account queries.
