Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The skill advertises itself as text-driven, yet the documentation instructs the agent to run local Python and shell scripts that imply filesystem access, network access, and likely local data persistence without any declared permissions or transparent capability disclosure. This weakens security boundaries because agents or users may invoke code with broader privileges than expected, increasing the chance of unintended data access, local file modification, or network exfiltration.
