Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill documentation exposes capabilities that require environment access and network communication, but it does not declare corresponding permissions or clearly scope those capabilities. This can mislead users and reviewers about the trust boundary of the skill, especially because it sends authenticated requests to GitLab using a token from the environment.
