Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 84% confidence
- Finding
- The skill declares no permissions even though it clearly invokes shell-based capabilities and performs network operations via curl. This creates a transparency and policy-enforcement gap: users or the platform may approve the skill without understanding that it can execute shell commands, access environment variables, send outbound requests, and write logs.
