Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill documentation instructs the user to run a local script that reads Markdown files, writes a state file, and sends data to an external webhook, but the skill declares no corresponding permissions. This creates a transparency and trust problem: users and platforms cannot accurately assess that the skill performs file access and network exfiltration of note contents before use.
