Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill instructs the agent to create files and build MCP servers, but the metadata shown here does not declare corresponding permissions. In agent environments, undeclared file-write and MCP/network-like capabilities reduce transparency and can lead to unexpected side effects such as writing project files or interacting with external services without explicit user awareness.
