Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill declares no permissions, yet its documented behavior clearly implies reading a local config file, invoking external Aliyun network APIs, and relying on Python/runtime execution. This mismatch weakens security review and user consent because the platform cannot accurately inform operators what the skill is capable of doing.
