Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill declares executable Bash tooling and relies on a local config containing an API key, yet it does not explicitly declare permissions for environment/config access and network use. This creates a transparency and sandboxing gap: an agent may perform outbound API calls and read sensitive local state without the permission model making that obvious to users or policy controls.
