Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill clearly instructs the agent to invoke local Python scripts that read and write PPTX files and execute shell commands, but it does not declare corresponding permissions. This creates a trust and sandboxing gap: an agent runtime or reviewer may underestimate the skill's actual capabilities, increasing the risk of unintended file access or execution of unreviewed local code.
