Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill advertises executable behavior that uses environment variables, shell commands, file reads/writes, and network access, but it does not declare any permissions model to make those capabilities explicit. That creates a transparency and consent gap: a harness or user may invoke the skill without understanding that it can access secrets like AISA_API_KEY/GH_TOKEN, write config files, and make outbound requests to multiple services.
