Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 90%
- Finding: The skill documentation directs the agent to run a local Python script that reads and writes workspace files and may use environment-based configuration, but the skill declares no permissions. This creates a trust and containment gap: an agent or platform may expose file and environment access without the user being clearly informed, increasing the risk of unintended file modification, data exposure, or overly broad access during installation, migration, rollback, and maintenance commands.
