Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill directs execution of a Python script that uses network access and writes files under /tmp, but the skill metadata does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host may allow the skill assuming minimal capability while it can still reach external APIs and create local artifacts, increasing the risk of unexpected data access or side effects.
