Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 93%
- Finding: The skill instructs the agent to use scripts, persist data to disk, call external APIs, and rely on local files, which implies shell, file, and network capabilities despite no declared permissions. This creates a trust and containment gap: operators and users cannot accurately assess what the skill may access or exfiltrate, and hidden capability use increases the blast radius if the skill or surrounding tooling is abused.
