Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill advertises simple document-level behavior but clearly instructs execution of shell commands and implies access to environment-dependent tooling without declaring those capabilities. This creates a trust and review gap: users or platforms may authorize the skill under false assumptions, while the skill can invoke local tools like Python, npm, and ffmpeg that may access local files, networked package sources, or inherited secrets.
