Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill documentation describes capabilities to read environment variables, write files, access the network, and invoke shell commands, but it does not declare permissions or boundaries for those actions. In an agent ecosystem, this mismatch increases the chance of the skill being invoked with broader authority than users expect, enabling unreviewed cloud uploads, local file modification, or command execution.
