Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill documentation instructs users to run a Python sync script that performs network access and writes meeting data to local disk, but the skill declares no corresponding permissions. This creates a transparency and trust problem: users and reviewing systems are not clearly informed that the skill can exfiltrate cloud data to local storage and repeatedly sync it via automation.
