Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises no declared permissions, yet its documented behavior includes reading environment variables, writing files, and making network calls. This creates a transparency and trust problem: users and hosting platforms cannot accurately assess what the skill will access before execution, and the file-write capability is especially sensitive because it is used to persist credentials.
