Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The skill describes file read/write behavior and structured local output paths, but no permissions are declared. That creates a trust and containment gap: a host may treat the skill as low-risk while it can still access or modify project files, including batch writes during automation. In a writing assistant context this is not inherently malicious, but undeclared filesystem capability can cause unauthorized overwrites, data loss, or unexpected access to user content.
