Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill instructs the agent to use environment variables for credentials, read and write local files, and make authenticated network calls, but it does not declare any permissions. This creates a transparency and policy-enforcement gap: an operator may invoke the skill without realizing it can access secrets, persist API data locally, and send authenticated requests to an external service.
