Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 97% confidence
- Finding
- The skill declares no dependencies/permissions while its instructions clearly direct file reads, shell execution, network/API interaction, file uploads, cron setup, and approval-configuration changes. This under-disclosure prevents users or platform controls from understanding the real capability and risk surface, especially because the skill can access local config files and execute scripts that persist automation.
