Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 91% confidence
- Finding: The skill metadata and description indicate it relies on environment variables, writes generated skill files to disk, and calls external multimodal model providers, yet the file does not declare permissions for those capabilities. That creates a transparency and policy-enforcement gap: users or the platform may invoke a networked, file-writing skill without clear consent boundaries, and a generated skill could be written to sensitive locations if downstream code is lax.
