Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill instructs the agent to execute a local shell script (`scripts/linear.sh`) and handle an API credential stored on disk, but it declares no permissions. That mismatch is a real security issue because it hides the skill's execution and data-access capabilities from policy enforcement and reviewers, increasing the chance of unintended command execution or credential exposure through the shell pathway.
