Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The skill advertises executable behavior involving file read, file write, and shell usage, but does not declare corresponding permissions. This reduces transparency and prevents users from understanding the operational and security boundaries before invocation, especially for a skill that scans many external sites and writes local outputs.
