Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill documentation exposes capabilities beyond simple file-based memory management, including network access to a local Ollama HTTP service, environment/config access, and token/session-state awareness, yet no permissions are declared. This weakens user consent and platform trust boundaries because operators may enable a skill without understanding that it can access local services and broader runtime context.
