Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill exposes shell execution capability via referenced scripts (`fetch-plan.sh` and `fetch-status.sh`) while declaring no explicit permissions. That weakens the trust boundary for users and orchestrators, because the skill can invoke local command execution and networked actions without transparent capability declaration.
