Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill describes capabilities that imply file read/write, shell invocation, environment access, and possible network use, yet it declares no permissions or explicit trust boundaries. That omission makes it harder to audit, constrain, or safely authorize the skill, especially because it handles local file discovery and transfer-like behavior.
