Tp4
High
- Category: MCP Tool Poisoning
- Confidence: 88%
- Finding: The skill advertises itself as a router for image editing and ecommerce image generation, but the documented behavior adds a SKU-driven pipeline that queries a database and may load external environment configuration. That expands the trust boundary from user-supplied image processing into backend data access and automation, which can expose internal product data, secrets, or unintended operational actions if the SKU path is triggered or misused.
