Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill instructs users to modify gateway bind settings, adjust firewall rules, run shell commands, and create configuration files, yet it declares no corresponding permissions. That mismatch is dangerous because an agent may gain or exercise network-exposing, shell, and file-write behavior without explicit user-visible permission boundaries, and the skill’s core workflow includes exposing a local service on 0.0.0.0 or a LAN IP, which increases the blast radius if the LAN is not fully trusted.
