Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 96% confidence
- Finding
- The skill describes capabilities to read environment variables, write files to the current working directory, and call network endpoints, but the metadata does not declare corresponding permissions or constraints. This creates a transparency and governance gap: operators and users cannot accurately assess what the skill can access, and the file-writing behavior also persists API responses locally, which may expose sensitive business data or identifiers if the workspace is shared.
