Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 88%
- Finding: The skill declares no permissions, yet its documented behavior includes reading environment variables and reading/writing local files for API keys and history storage. This creates a transparency and consent gap: users or the host may not realize the skill can access secrets and persist data, which can lead to unintended exposure of sensitive information or unauthorized local state changes.
