Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill documentation describes capabilities that include reading session logs, writing memory files, invoking shell commands, accessing environment variables, and optionally sending content to external APIs, yet no explicit permissions are declared. That creates a transparency and consent gap: users may run a skill with broader data and system access than the manifest communicates.
