Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill clearly instructs the runtime to use shell execution, environment variables containing API credentials, and network access to multiple third-party providers, yet it declares no permissions. That mismatch is a real security issue because users and host runtimes cannot accurately assess or constrain what the skill is capable of doing, increasing the risk of unintended command execution, credential exposure, or outbound data transfer.
