Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill instructs the agent to execute shell commands (`scripts/mihomo-cli.sh ...`, `ps aux | grep ...`) but does not declare corresponding permissions. This creates a capability mismatch where a reviewer or runtime may underestimate the skill's ability to inspect local processes, read local config paths, and interact with a local privileged network-control API, increasing the chance of unintended local data exposure or state-changing actions.
