Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill instructs the agent to read files, write backups and overwrite originals, invoke a Python module, and potentially use environment variables, yet it declares no permissions. This creates a transparency and policy-enforcement gap: users and hosting systems cannot accurately assess or restrict the skill's real capabilities, increasing the chance of unintended file modification or command execution.
