Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill declares access to environment variables, file reads, and network-like behavior through its instructions, but does not declare corresponding permissions. This creates a transparency and governance gap: users or hosting platforms may not realize the skill can read memory, use the API key from the environment, and make external API requests. In a skill that handles store data and credentials-adjacent configuration, undeclared capabilities increase the risk of over-privileged execution and weak review controls.
