Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill explicitly instructs users to run a Python script that reads browser cookies and can write them to disk, yet it declares no permissions despite requiring shell execution and file output capabilities. Cookie extraction is highly sensitive because browser cookies can grant authenticated session access, so undeclared capabilities reduce transparency and safety controls around a credential-accessing workflow.
