Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill advertises executable capabilities that include environment access, file read/write, and optional network communication, but it does not declare permissions accordingly. This creates a transparency and trust boundary issue: operators or orchestration systems may grant or invoke the skill without realizing it can access local state and exfiltrate recorded telemetry during sync.
