Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill clearly instructs the agent to execute a Python script that reads input, performs external network fetches to HackerNews and linked articles, and writes output to a filesystem path, yet the skill metadata does not declare corresponding permissions. Undeclared capabilities are dangerous because they hide the true trust boundary from the user or host system, reducing transparency and potentially bypassing policy review for network access and file I/O.
