Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill exposes shell execution plus file read/write and environment-variable usage, but it does not declare permissions or boundaries for those capabilities. In this context, the undocumented access is meaningful because the skill is explicitly designed to modify a real Obsidian vault on disk, which increases the chance of unintended or unauthorized file operations.
