Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill instructs the agent to perform network access, shell execution, and local file reads/writes, but it does not declare permissions or clearly scope those capabilities. That mismatch can bypass user expectations and policy gating, increasing the risk of unauthorized downloads, transcript generation, or artifact creation during execution.
