Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill advertises and instructs use of sensitive capabilities including environment variables with API keys, outbound network access, shell execution, and local file/config access, but the file does not declare an explicit permissions model despite those capabilities being present. That mismatch is dangerous because an agent or reviewer may underestimate the skill's access scope, especially since it can read secrets, call external APIs, and write reports to third-party services.
