Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill explicitly instructs users to inspect environment variables, which means it relies on access to potentially sensitive process environment data, yet the skill metadata declares no permissions. This mismatch is dangerous because it hides privileged capability from policy and review systems, increasing the chance of unvetted access to secrets such as API keys, tokens, or database credentials during execution.
