Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill declares no permissions, but its metadata and instructions indicate capabilities to access environment variables, install packages, make external network calls to Meshy, and read/write local credential material via a .env workflow. This is a real security issue because users and policy engines are not given accurate notice of the skill's effective privileges, which can lead to unexpected secret handling and outbound data transfer.
