Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill invokes shell scripts and external binaries (`bash`, `curl`, `jq`) but does not declare corresponding permissions, which weakens transparency and consent around code execution. In a skill handling immigration, tax, and document-related data, undisclosed execution capability increases risk because users may not realize local commands and remote API calls are occurring.
