Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill declares no permissions even though its documented workflow clearly involves network access, local file reads/writes, shell execution, and email automation via local Mail.app. This is dangerous because users and policy systems cannot accurately assess or constrain what the skill can do, increasing the chance of unexpected data access or outbound transmission.
