Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill clearly instructs the agent to read and modify a local config file and to execute network-capable scripts against SMB, FTP, and WebDAV targets, yet no explicit permissions are declared. This creates a trust and containment gap: users and the host platform may not realize the skill can write files and initiate remote connections, increasing the chance of unauthorized file changes, credential handling, or network access without informed consent.
