Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 84% confidence
- Finding
- The skill instructs the agent to access environment variables, read local files, and produce shell commands, but it does not declare these capabilities or any permission boundaries. That creates an authorization and transparency gap: a user may not realize the skill can inspect local state and handle secrets while preparing a request.
