Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill instructs the agent to read and write files, invoke shell commands, inspect environment-dependent paths, and move user files, but it declares no permissions or guardrails. In practice this creates an authorization gap: an operator or platform may treat the skill as lower risk than it is, while the workflow can still modify local data and execute external tools such as ffmpeg and Whisper.
