Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill uses environment-variable access, local file reads, and shell command generation but does not declare those capabilities. Hidden capability use weakens reviewability and can surprise hosts or users about what the skill can access, especially because it handles an API token and reads local reference files. In this context, the issue is more dangerous because the workflow explicitly touches credentials and constructs commands for external transmission.
