Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 70% confidence
- Finding
- Without declared permissions the skill's intent is opaque and cannot be validated.
Security audit
Security checks across malware telemetry and agentic risk
This is a low-risk advisory roster skill; it may overstate persona-selection functionality, but the included scripts only read local reference files and it explicitly limits privileged actions to user consent.
Install this if you want a lightweight LYGO council roster and advisory prompt reference. Do not expect it to enforce persona routing or perform stack operations by itself, and keep following the skill's own guidance: do not share API keys or .env contents, and require explicit consent before any shell, publishing, vault, or account-affecting action.
63/63 vendors flagged this skill as clean.
No suspicious patterns detected.