Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill performs destructive filesystem operations and modifies a session index, but it declares no explicit permissions. That mismatch is a real security issue because platforms and reviewers may underestimate the skill's ability to delete or alter local state, enabling unsafe execution without informed consent or proper policy enforcement. In context, the skill is intentionally designed to remove session artifacts, which makes the undeclared file read/write capability more sensitive rather than less.
