Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill is explicitly user-invocable and documents extensive shell-based operations, but it does not declare permissions or safety boundaries for executing those actions. That creates a mismatch between documented capability and governance, increasing the chance an agent will perform infrastructure changes without clear authorization controls or policy enforcement.
