Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill writes files to disk and appears to rely on reading local references, but it declares no permissions or capability boundaries. That creates a transparency and policy-enforcement gap: an agent may invoke file operations users and orchestrators did not explicitly approve.
