Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The manifest declares no permissions while the skill documentation clearly indicates access to sensitive environment variables, including trading credentials. This undermines informed consent and policy enforcement because an operator may install or run the skill without realizing it consumes high-value secrets needed for live trading.
