Tp4
High
- Category: MCP Tool Poisoning
- Confidence: 89%
- Finding: The skill claims it does not rely on scripts and is performed directly by the agent, yet it documents a script-based fallback that reads local files, cleans text, generates prompts, and writes analysis output. This mismatch is dangerous because operators and policy systems may grant trust based on the declared low-risk behavior while the actual supported workflow introduces additional execution and file-handling surfaces.
