Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill documents capabilities that read and write local files, invoke shell commands, use network access, and rely on environment context, but it does not declare permissions or boundaries for those actions. In a database-query skill, this increases the chance of unintended credential exposure, unsafe command execution, or overbroad access because users and hosts cannot assess or constrain what the skill is allowed to do.
