Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares no permissions, but its documented behavior clearly involves local file access, network downloads/uploads, and execution of external binaries like ffmpeg/ffprobe. This mismatch weakens security review and user consent because the agent can perform broader actions than the manifest transparently communicates.
