Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill declares no explicit permissions while its documented behavior and metadata indicate file access and potential network/API interaction. This weakens the trust boundary for users and reviewers because the skill can handle credentials and contact external services without clear permission disclosure.
