Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares no explicit permissions while requiring sensitive environment variables, downloading and installing a binary, and depending on network access. This creates a transparency and governance gap: operators may approve or run the skill without understanding that it can access OAuth credentials and communicate externally. In the context of a Google Workspace integration, the mismatch is more dangerous because the token can expose email, contacts, calendar, drive, docs, and sheets data depending on configured scopes.
