Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 92% confidence
- Finding
- The skill is presented as a personal context-management helper, but the documented behavior goes further into filesystem scanning, automated file creation, retention analysis, and cleanup/deletion workflows. That mismatch is dangerous because users may consent to note-taking without realizing the skill can inspect local content, classify it as low value, and potentially remove files, increasing risk of privacy loss and unintended data destruction.
