Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill advertises shell-based execution (`bash scripts/summarize.sh ...`) and mentions using `web_fetch` or `curl`, but it does not declare any permissions. This creates a transparency and policy gap: consumers may invoke a skill with network and shell capabilities they were not warned about, increasing the risk of SSRF, unsafe URL fetching, or broader command misuse in downstream implementations.
