Tp4
High
- Category: MCP Tool Poisoning
- Confidence: 93% confidence
- Finding: The skill is presented as documentation, but it contains prescriptive operational commands that install packages, kill processes, delete lock files, modify configuration, and start services. That mismatch is dangerous because an agent or operator may treat it as read-only guidance while it actually normalizes impactful system changes and credential-related handling.
