Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 86% confidence
- Finding
- The skill declares access to sensitive environment variables but does not declare corresponding permissions, reducing transparency about what secrets it can read. This can mislead users and downstream policy engines into underestimating the skill's access to credentials, which is risky for a tool that can perform external actions on behalf of the user.
