Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 80% confidence
- Finding
- The skill documentation describes writing market data into a local SQLite database but does not declare corresponding permissions. Undeclared write capability reduces transparency and informed consent, and can lead to unexpected persistence of data on the host system even if the data itself is not highly sensitive.
