Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill describes capabilities including environment-variable access, shell execution, network calls, and persistent file writes, but does not declare permissions or otherwise constrain those behaviors. This creates a transparency and governance gap: an agent may invoke a skill with broader operational access than users or policy controls expect, increasing the chance of unintended data access, command execution, or exfiltration through the proxy workflow.
