Lp4
Low
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill declares the powerful `shell:exec` permission even though the documented behavior is only to provide guidance and no shell capability is needed from the skill content itself. Unnecessary execution permissions expand the attack surface: if the skill is later extended, misrouted, or abused by an agent framework, it could enable command execution beyond the stated purpose.
