Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises capabilities that imply writing files (for example, saving QR codes and likely local URL storage/export) but does not declare any permissions. This creates a transparency and policy-enforcement gap: an agent or reviewer may assume the skill is read-only when it can persist data to disk, increasing the risk of unauthorized file creation, overwriting files, or storing sensitive URLs locally without explicit approval.
