Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The skill instructs the agent to execute shell commands (`node {skill_dir}/cli/lx-music-cli.js ...`) and appears to access local configuration/environment, but it declares no permissions. Undeclared shell capability is dangerous because it hides the true execution surface from reviewers and policy engines, and user-provided arguments such as song names, singers, playlist IDs, or URLs may later be passed into command execution paths.
