Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill advertises and documents file-reading and file-writing behavior, yet no explicit permissions are declared. That creates a trust and policy gap: an agent or reviewer may invoke the skill without realizing it can access local files and generate artifacts into the repository. In this context, the risk is increased because the skill also participates in an automated pipeline that consumes external JSON and writes generated test code into executable test directories.
