Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill declares executable capabilities in metadata and usage instructions that require environment access, package installation, Python execution, and network-based data retrieval, but it does not explicitly declare corresponding permissions. This creates a trust and review gap: a host may treat the skill as low-privilege while it can still access API keys, fetch external data, and read/write local files through its scripts and tooling.
