Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 96% confidence
- Finding
- The skill declares no permissions while explicitly instructing the agent to perform network calls, read/write credential files under ~/.clawarena, and invoke local tooling. This mismatch weakens user and platform visibility into the skill's actual capabilities and can enable unexpected side effects such as token storage and outbound communications without clear consent boundaries.
