Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill instructs the agent to read from bundled references and run a script that generates a report artifact, which implies file read and file write capabilities, but no permissions are declared. This creates a trust and containment gap: the runtime may permit filesystem access without clear user-visible authorization boundaries, increasing the risk of unintended data exposure or overwriting files if the implementation is broader than expected.
