Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill exposes shell-execution behavior through installation and CLI commands but does not declare permissions or clearly scope that capability. Hidden execution capability increases the chance an agent will perform system-changing actions without appropriate consent, review, or sandboxing.
