Tp4
High
- Category: MCP Tool Poisoning
- Confidence: 88%
- Finding: The skill is presented as a comment/docstring extractor, but the documented support for external JSON configuration and generic symbol extraction means it can be repurposed to extract arbitrary regex-matched content from files. That mismatch is dangerous because users or orchestrators may grant access under the assumption of narrow comment-only behavior, when the actual behavior enables broader file content extraction and potential data exposure.
