Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 96% confidence
- Finding
- The skill instructs the agent to scaffold files, run Python scripts, install dependencies, and make networked API calls, which implies file read/write, shell execution, and network access, yet no corresponding permissions are declared in metadata. This creates a transparency and consent gap: a user or platform may invoke the skill without understanding its operational capabilities, increasing the chance of unsafe execution or policy bypass.
