Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill documentation exposes capabilities to read local content, write files, invoke shell commands, and potentially access the network, but it does not declare permissions or clearly bound those powers. In an automation skill that can read and send WeChat messages and files, undeclared capabilities reduce user visibility and make misuse or overreach easier to hide.
