Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill advertises and demonstrates file read/write behavior by accepting an input conversation file and producing an output file, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host may load the skill believing it has no sensitive capabilities, while the implementation can still process local files and write derived data containing potentially sensitive conversation history.
