Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 86% confidence
- Finding
- The skill advertises shell-based installation and execution steps (`setup.sh`, `check.sh`) but declares no permissions, so users and security tooling are not clearly informed that it can execute local scripts and modify the system. That lack of transparency increases risk because the skill can perform actions such as scheduling jobs and writing state files without an explicit permission boundary.
