Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 84% confidence
- Finding
- The skill instructs the agent to read many local files, run bundled scripts, perform browser QA, and potentially package outputs, which implies file, shell, and possibly network-capable behavior without any declared permission boundary. This is dangerous because a host may expose broader capabilities than users expect, increasing the risk of unintended file access, command execution, or data movement from loosely bound inputs and referenced paths.
