pencil

BENIGN in purpose and data flow, but medium-high security risk from depending on a private, non-publicly auditable local MCP binary bundled in an IDE extension. Capabilities are well aligned with design-file editing, with no clear credential theft or exfiltration behavior, yet the unverifiable executable keeps overall risk elevated.