Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 85% confidence
- Finding
- The skill performs file reads and writes across a user-specified working directory but does not declare permissions or otherwise constrain that access. This creates a mismatch between stated trust boundaries and actual behavior, increasing the risk of unintended file access, overwrites, or processing of unrelated local spreadsheets if the skill is invoked in the wrong directory.
