Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares broad capabilities to read/write files and use Bash while also requiring sensitive credentials from environment variables, but it does not present an explicit permission model or constrain how those capabilities should be used. This creates a real risk that the skill can access secrets, modify local files, and persist data beyond what a user may reasonably expect for a social-media integration.
