Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 89%
- Finding: The skill advertises and documents shell execution, file reads, and file writes, but does not declare corresponding permissions. This creates a trust and policy gap: users or enforcement systems cannot accurately assess what the skill can do before invoking it, which is especially risky for a lifecycle tool that performs Git operations, scanning, and publishing, and that writes metadata.
