Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill invokes local scripts via `node` and `python3` and instructs reading local reference files, which implies shell execution and file-read capability without declaring corresponding permissions. This creates a transparency and policy-control gap: the host may permit actions the user was not clearly informed about, increasing the risk of unintended command execution or local file access during skill runs.
