Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill documentation describes capabilities to read environment variables, perform network access to Google APIs, and likely read/write local files during OAuth/setup, yet no explicit permissions are declared. This creates a trust and review gap: a user or platform may invoke a skill with broader runtime access than is apparent from its manifest, increasing the risk of secret exposure or unintended external actions.
