Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill appears to use environment variables, network access, and file writing, but no permissions are declared to make those capabilities explicit. This creates a transparency and governance problem: users and platforms cannot accurately assess what the skill will access, and sensitive audio or credentials may be handled without clear consent boundaries.
