Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares no permissions even though its documented behavior includes environment-variable access, local file read/write, network access, and likely shell/package installation behavior. This is dangerous because users and platforms cannot make an informed trust decision, and the hidden capability set includes credential handling and filesystem access.
