Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill declares no permissions even though its instructions clearly require shell execution, file reads/writes, package installation, and likely network access for market data and enrichment. This under-declaration is dangerous because it prevents accurate risk gating and informed user consent, allowing a skill with meaningful execution capabilities to run with more trust than its manifest suggests.
