Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill instructs the agent to read and write configuration files and execute shell commands, but it declares no permissions. This creates a dangerous mismatch between the skill's documented behavior and its security boundary, increasing the chance that a user or host system will run a file-modifying, shell-capable workflow without explicit authorization or review.
