Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 90% confidence
- Finding: The skill clearly describes capabilities that read configuration files, write local artifacts, access environment-provided credentials, and make network calls to the WeChat API, but it does not declare corresponding permissions. This creates a permission-model mismatch: an operator or framework may treat the skill as lower-risk than it is, leading to unintended credential use, file access, or outbound publishing activity.
