Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 91%
- Finding: The skill instructs the agent to execute a bundled shell script, but the skill declares no permissions despite clearly requiring shell/code execution capability. This creates a trust and governance gap: the agent may run external commands and access local files or environment secrets without an explicit permission boundary, making misuse, prompt injection, or unintended command execution harder to audit and constrain.
