Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill declares operational behavior that uses environment variables, writes files to the working directory, invokes Python scripts, and proxies network requests, yet no explicit permissions are declared. This creates a capability-transparency gap: users and the host agent may not realize the skill can access tokens, persist API responses locally, and perform external actions, increasing the risk of unintended data exposure or unsafe execution.
