Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill invokes a shell script and relies on an environment variable for a Discord bot token, but the skill manifest does not declare permissions for shell or environment access. This creates a security transparency gap: reviewers and runtime policy may underestimate the skill's actual capability to execute commands and handle secrets, increasing the risk of unintended command execution or token exposure.
