Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 96% confidence
- Finding
- The skill explicitly states it reads and writes local files under ~/.openclaw/workspace/memory/proxy, but it does not declare any permissions for those capabilities. This creates a transparency and policy gap: users or the platform may not realize the skill can persist sensitive proxy inventory data, including hosts, ports, auth-related metadata, notes, and session information, which can lead to unintended exposure or misuse of local data.
