Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill clearly documents capabilities to read environment variables, access files, make network requests, and invoke shell-adjacent tooling, yet it does not declare an explicit permission model. This creates a trust gap: installers may underestimate the effective authority of the skill, especially because it can fetch remote content, write archives/tmp files, and deliver output via external channels.
