Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill instructs the agent to read and write local files under `memory/pitch/` and to use local scripts for data operations, but it does not declare any permissions. This creates a mismatch between the skill's stated capability surface and its actual behavior, which can undermine sandboxing, consent, auditing, and policy enforcement around filesystem access.
