Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill declares no permissions, yet its instructions explicitly allow invoking `python3` and reading local resources, which implies shell execution and file access beyond a purely text-planning skill. This creates a capability transparency problem: operators and policy systems may trust the skill as low-risk while it can access local files and run code, increasing the chance of unintended data exposure or misuse.
