Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill advertises runtime behaviors that use environment variables, local file read/write, network access, and shell execution, but it does not declare corresponding permissions. This creates a trust and review gap: users and the platform cannot accurately assess what the skill may access or persist, which can enable unexpected data handling or outbound requests.
