Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill explicitly instructs the agent to read a local credentials file, write fallback HTML files, and perform network requests to WeChat APIs, yet it declares no permissions. This creates a capability/permission mismatch that can mislead users and policy enforcement, increasing the risk of unexpected access to secrets and filesystem data during execution.
