Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill instructs users to create a virtual environment, install dependencies, and run a Python script that writes manifests and persistent index files, while no explicit permission model is declared. That mismatch is a real security concern because a user or host may assume the skill is documentation-only, yet it performs filesystem writes and shell-oriented operations, increasing the chance of unintended execution with local file access.
