Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill documentation describes shell-capable execution paths (`python3.11 -m termaid` and `scripts/render.py`) but does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: users and the platform may not realize the skill can execute local commands, increasing the risk of unintended code execution pathways or insufficient review.
