Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill advertises shell execution, file read/write, and environment-variable use via its documented install and runtime commands, but it declares no permissions. That creates a transparency and consent problem: users and orchestration systems cannot accurately assess the access the skill needs before installation, increasing the chance of over-trusting a component that can read transcripts, write persistent memory, and schedule automation.
