Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill invokes a Python script through a shell command and, per the detected capabilities, can read and write files, but it declares no permissions or equivalent safety metadata to make those capabilities explicit. This creates a transparency and consent problem: users or hosting platforms may execute a skill with automation and local-system effects they were not clearly informed about, which is especially relevant for a GUI automation workflow that can modify application state and local configuration.
