Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill invokes shell commands and reads local files or directories, but declares no permissions or trust boundaries. That creates a transparency and policy gap: an agent may execute filesystem and shell actions users and reviewers did not explicitly authorize, increasing the risk of unintended local access or command misuse.
