Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 82% confidence
- Finding
- The skill instructs the agent to run local Python scripts and write output files, which implies file read/write and code execution capabilities despite no explicit permission declaration. This creates a trust and containment gap: users or the platform may assume the skill is documentation-only, while it actually directs the agent to access local files and produce artifacts.
