Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 82% confidence
- Finding
- The skill declares a local Python script and resource usage that imply file read/write capability, but it does not explicitly declare corresponding permissions. That creates a transparency and policy-enforcement gap: a reviewer or runtime may underestimate what the skill can access or modify, and users are not clearly informed about filesystem effects. In this context the script is local and the documented use is limited to generating drafts and structured outputs, which reduces suspicion, but undeclared write capability still increases risk if the script is changed or invoked on unintended paths.
