Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill documentation describes capabilities that use network access and environment-controlled behavior, but it does not declare permissions or provide an explicit capability/consent model. This can cause an agent or user to run code that fetches remote data and reads environment configuration without clear awareness of the scope of access.
