Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 84% confidence
- Finding
- The skill advertises no declared permissions, yet its documented workflow clearly relies on environment access, file read/write, and network operations. This mismatch weakens transparency and consent boundaries: a user or platform may authorize the skill believing it is low-privilege when it can actually read local AnnData files, store secrets, and contact remote services.
