Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill declares no permissions, yet its instructions explicitly allow use of python3 with input/output files and reference local resources, which implies shell execution plus file read/write capability. This mismatch weakens least-privilege controls and can cause users or the host platform to trust the skill as low-risk when it can actually access or modify local data.
