Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill explicitly describes capabilities to read environment variables, read and write local files (SQLite cache/cost DB, config), and make outbound network requests to multiple model providers, yet the metadata shown in this file does not declare corresponding permissions. Undeclared capabilities reduce user visibility and policy enforcement, which is risky because the skill handles API keys and can transmit prompts off-host.
