Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill clearly describes and demonstrates filesystem read/write behavior against workspace and memory files, but it does not declare any permissions or safety boundaries. This can mislead users and hosting platforms about the skill's effective capabilities, increasing the risk of unintended file modification, pruning, or data loss when the skill is installed or invoked.
