Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill documentation describes capabilities to read environment secrets, invoke shell commands, access the network, and potentially write system files or alter Nginx configuration, yet no explicit permissions are declared. This creates a trust and review gap: users and hosting platforms may not realize the skill can access Alibaba Cloud credentials and perform external DNS or host changes, increasing the chance of secret exposure or unintended privileged actions.
