Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill declares no permissions even though the manifest describes substantial capabilities including environment-variable access, filesystem read/write, network access, shell execution, and optional MCP/background services. This undermines least-privilege review and can cause users or hosting platforms to trust and invoke a skill with broader access than is explicitly disclosed.
