Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill advertises substantial capabilities including local file read/write, network access, and shell execution, but does not declare permissions. This creates a transparency and consent gap: users or hosting platforms may not realize the skill can install software, open browsers, call remote APIs, and manipulate local files. In a finance-oriented skill handling invoices and reimbursement data, undeclared capabilities increase the risk of unintended data exposure or unsafe execution paths.
