Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill declares no explicit permissions, yet its documented behavior clearly relies on environment variables, shell execution, network access, and optional use of the macOS Keychain. This mismatch weakens transparency and consent boundaries, making it easier for a user or host system to underestimate what the skill can access and do.
