Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill clearly instructs the agent to read user-supplied files, write translated outputs and temporary artifacts, and access API keys from environment variables, yet it declares no corresponding permissions. This mismatch is dangerous because users and the platform may underestimate the skill's access to sensitive documents, local storage, and secrets, reducing informed consent and weakening policy enforcement.
