Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill documentation declares no permissions even though the bundled workflow clearly instructs reading local files and interacting with remote APIs. This under-declaration is dangerous because it hides the skill’s real capability surface from reviewers and users, reducing informed consent and making risky file/network actions easier to smuggle into normal use.
