Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill clearly instructs actions that can modify project files, such as editing `.mcp.json`, generating test files, and running setup steps, yet it declares no permissions. That mismatch can cause users or host systems to invoke a write-capable skill without informed consent or proper sandboxing, increasing the risk of unintended repository or config changes.
