Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The skill references a shell-based scaffold initializer (`scaffold.sh`) and local file creation behavior, but no permissions are declared. That creates a transparency and consent problem: users and platforms may treat the skill as documentation-only while it implicitly expects executable filesystem operations. In this context, undeclared shell capability is risky because it can lead to unexpected local changes and makes it harder to enforce least-privilege controls.
