Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill invokes a shell script but does not declare permissions, which hides its execution capabilities from the platform and from reviewers. Undeclared shell access increases risk because the skill can transmit data or perform side effects without an explicit permission boundary, and here it is used to send user-supplied URLs plus an API token to an external service.
