Tp4
High
- Category
- MCP Tool Poisoning
- Confidence
- 91% confidence
- Finding
- The documented behavior is narrower than the detected operational scope, especially around purchase execution, exchange integration, alerts, and possible credential use such as account_id/private_key. This mismatch is dangerous because users may authorize or run a financial automation skill without understanding that it can execute trades, persist strategy data, and potentially handle secrets across more systems than disclosed.
