Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill directs the agent to use local scripts and persist user business materials under `memory/pitch/`, which implies file read/write capability, but no permissions are explicitly declared. This creates a mismatch between the skill's documented behavior and its declared security model, increasing the risk of unauthorized file access, unexpected data retention, or abuse if the agent/runtime does not enforce least privilege.
