Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 92% confidence
- Finding: The skill instructs the agent to perform outbound network access and read local temp files, but it does not declare any permissions or capability boundaries. This creates a mismatch between documented trust expectations and actual behavior, making it easier for the skill to exfiltrate fetched data, access unintended files, or evade policy controls that rely on declared permissions.
