Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill advertises executable behavior that reads and writes a local SQLite index and invokes a local binary, but it declares no permissions. That mismatch is a real security issue because agents or policy engines may treat the skill as lower risk than it is, reducing user awareness and bypassing expected consent or sandboxing decisions.
