Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill instructs execution of local shell commands and a patch script that reads and writes files, but it declares no corresponding permissions. This creates a trust and review gap: operators may approve or invoke the skill without realizing it can modify local application assets, making unintended system changes more likely.
