Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill advertises and instructs use of a Python CLI that can write files (`--output`, `--inplace`) and invoke shell/Python execution paths, yet the skill metadata shown here declares no corresponding permissions. That mismatch is a real security issue because agents or reviewers may treat the skill as lower-risk than it is, while it can modify user data and operate on arbitrary filesystem paths.
