Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill instructs the agent to read local files, potentially write cached data, and make network requests, but it declares no permissions or trust boundaries. That mismatch can lead to over-privileged execution, unreviewed external access, and unexpected file-system interactions when the skill is invoked.
