Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 94% confidence
- Finding: The skill uses sensitive capabilities—environment access, file reads, and network communication—yet does not declare permissions. This creates a transparency and policy-enforcement gap: a caller may invoke a monitoring skill without realizing it can access local credential files and send authenticated requests to an external service. In this context, the risk is increased because the skill explicitly relies on a `.env` file containing a Zabbix token, so undeclared capabilities could expose or misuse monitoring credentials if the implementation is changed or abused.
