Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill advertises and instructs use of environment-derived configuration plus read/write access to an Obsidian vault, but it does not declare explicit permissions or constraints for those capabilities. That creates hidden authority: an agent may gain broad filesystem access to potentially sensitive notes and modify shared knowledge without a clear policy boundary, increasing the chance of overreach or unsafe invocation.
