Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill instructs users to run shell commands such as npm install, npm start, node scripts/*.js, and bash scripts/fetch_sales.sh, but it declares no corresponding permissions. This creates a trust and execution-boundary problem: users or agents may execute local code with network and filesystem effects without an explicit permission model, increasing the risk of unintended command execution or abuse if the repository contents are modified or malicious.
