Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 86% confidence
- Finding
- The skill declares access to environment variables, files, network, and shell-capable tooling in metadata and workflow, but it does not declare permissions or prominently constrain those capabilities for users. That creates a transparency and least-privilege problem: a user may invoke what appears to be a simple presentation generator while it can read configuration, write project files, call external APIs, and run local scripts.
