Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill clearly instructs use of shell execution, environment variables, filesystem reads, and network access, yet the frontmatter shown for generated skills omits any explicit permissions declaration. That capability/permission gap can mislead reviewers and automated tooling about the true attack surface, especially for a skill centered on webhook execution and gateway interaction.
