Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 86% confidence
- Finding
- The skill declares only Bash tooling while static analysis indicates network-capable behavior, yet no corresponding permission disclosure is present. This is dangerous because users and hosting agents may invoke the skill without understanding it will transmit prompts and credentials to an external service, reducing informed consent and weakening policy enforcement.
