Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill instructs users to run local Python scripts that write output files and invoke ffmpeg via the shell, yet the skill declares no permissions or safety boundaries. In an agent environment, this mismatch can bypass expected review and consent controls, especially because the skill supports batch processing and automatic output generation that can modify many files.
