Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 84% confidence
- Finding
- The skill metadata declares no permissions, yet the documented behavior clearly instructs running a local CLI that reads configuration/input records and writes generated CSV/report files. This creates a transparency and consent problem: users and platforms may underestimate what filesystem access the skill requires, making it easier to process or overwrite local data without appropriate review.
