Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises and instructs use of scripts that perform network access and write to local memory/log files, but it does not declare any permissions. This creates a trust and sandboxing gap: an agent or reviewer may approve the skill without realizing it can contact an external service and persist data locally, increasing the risk of data exfiltration, unintended external actions, or filesystem modification.
