Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill documentation describes file read/write behavior via `--project` and `--output`, but the skill declares no permissions. This creates a trust gap: an agent or user may invoke a filesystem-capable tool without an explicit permission boundary, increasing the risk of unintended access to arbitrary local paths if path handling is weak or misused.
