Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 96% confidence
- Finding
- The skill clearly instructs use of shell commands, writes files such as settings.json and /tmp outputs, and depends on environment variables, yet it declares no explicit permissions. That mismatch prevents meaningful consent and review, and can cause the agent platform to under-enforce risky capabilities the skill actually uses.
