Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares no permissions, yet its documented usage clearly involves reading files, writing scar records, and executing Python via shell commands; the analyzer also detected env, network, and shell-capable behavior. This mismatch is dangerous because users and policy engines may trust the undeclared permission set and run the skill with broader access than expected, reducing transparency and weakening least-privilege controls.
