Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill advertises no explicit permissions, but its documented behavior clearly requires access to environment variables, local files, and outbound network communication. This mismatch undermines informed consent and platform enforcement because users or agents may invoke a capability-bearing skill without an accurate permission declaration. The context increases risk because the skill handles long-lived encrypted memory plus API and encryption keys, so undeclared file/env/network access affects sensitive data.
