Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill declares no permissions, but its documented workflow reads PDFs, writes manifests and rename outputs, and references an optional LLM parser that implies network access. Undeclared capabilities are dangerous because they prevent users and enforcement systems from understanding what the skill can do, increasing the risk of unauthorized file modification or data exfiltration from PDF contents.
