Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill instructs persistent filesystem writes to ~/quizme and bank files, but no declared permissions are present. That creates a trust and containment problem: users and the platform may not realize the skill stores and mutates local data, which can lead to unauthorized persistence, privacy surprises, or policy bypass if the runtime relies on declared permissions for enforcement.
