Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 79% confidence
- Finding
- The skill explicitly instructs the agent to run local scripts that create, validate, and package files, but it does not declare permissions or clearly scope those capabilities. That creates a least-privilege gap: an agent may perform file writes and shell execution in contexts where the user only intended advisory review, increasing the chance of unintended filesystem modification or command execution.
