Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill instructs the agent to run local scripts that read and modify workspace files, restore backups, and continuously monitor files, but it does not declare corresponding permissions. Undeclared file read/write capability weakens consent and review boundaries because a caller may not understand that invoking the skill can lead to broad filesystem changes after a confirmation step.
