Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises executable Python components and optional external LLM integrations, which imply file-reading and network access, but it does not declare any permissions or constraints for those capabilities. This creates a transparency and sandboxing gap: users or hosts may approve and run the skill without realizing it can access local article files and potentially send article contents to remote services.
