Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares shell-capable handler commands and external tool requirements (`jq`, `curl`) but does not declare corresponding permissions or clearly scope those capabilities. This creates a trust and review gap: users or platforms may not realize the skill can execute shell commands and make network requests, increasing the risk of unintended command execution or data access in downstream implementation.
