Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill explicitly documents invoking a local Python script and using the external `catt` command, which are shell-capable actions, but it declares no permissions or equivalent safety boundaries. This creates a trust gap: an agent may execute local commands or interact with networked casting devices without clear user-visible authorization, increasing the risk of unintended command execution or device misuse.
