Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill clearly expects access to environment variables, repository reads/writes, and Gitea network operations, but it does not declare permissions explicitly. This creates a privilege-transparency gap: operators and policy systems cannot reliably review or constrain what the skill is allowed to access, increasing the risk of overbroad execution or accidental secret exposure in a cron context.
