Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill advertises executable shell-driven deployment behavior but does not declare corresponding permissions or operational capabilities in a transparent way. This weakens user consent and review controls, especially because the documented workflow includes Docker operations that can modify local system state and expose host resources to a container.
