Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill instructs the agent to read a local credential file and invoke a Python script that calls an internal API, but it declares no corresponding permissions. This creates a capability/permission mismatch that can bypass expected review and sandbox controls, increasing the risk of unauthorized file access, secret handling, and network use.
