Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises and enables shell execution, environment-variable use, and file access, yet declares no permissions. In the context of a bridge that can launch desktop/browser automation, this missing disclosure materially weakens user oversight and policy enforcement because callers may invoke a highly privileged skill without realizing it can access credentials and spawn subprocesses.
