Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill clearly instructs use of environment variables, local file writes, network calls, and shell execution, yet declares no permissions. This creates a transparency and policy-enforcement gap: a host may invoke the skill without understanding it can access credentials, write persistent artifacts, and contact external services.
