Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill instructs the agent to read from ~/.openclaw and write into ~/.hermes, but it declares no permissions or equivalent capability boundaries. That creates a transparency and governance problem: a user or platform may treat it as low-risk while it actually performs broad file import and overwrite operations, increasing the chance of unintended data modification.
