Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill advertises operational capabilities that imply network access and likely local inspection, but it does not declare permissions or clearly scope what data it may access. In an agent ecosystem, this mismatch undermines informed consent and can enable broader-than-expected data exposure or execution behavior once installed.
