Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill declares executable Python behavior that writes an output HTML file, but it does not declare any explicit permissions despite having file-write capability. This creates a trust and containment gap: users or orchestration systems may treat the skill as lower risk than it is, and the unrestricted `--output` parameter could enable overwriting arbitrary workspace files if not constrained by implementation.
