Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises and instructs use of browser automation that inherently performs network access, writes screenshots to disk, and likely reads local files/configuration, yet it declares no permissions or user-facing constraints. This is dangerous because consumers and calling systems cannot accurately reason about the skill's capability to access private network resources and persist potentially sensitive artifacts locally.
