Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 81% confidence
- Finding
- The skill advertises no declared permissions, yet its documented workflow and metadata indicate capabilities to read audit files, write SVG/Markdown/JSON artifacts, and potentially access network resources via homepage/provenance references. This mismatch weakens policy enforcement and user understanding: an agent or platform may allow execution under an under-declared trust model, increasing the chance of unintended file access or outbound access.
