Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill documentation describes capabilities that require network access, environment secret access, and persistent local state, but it does not declare permissions accordingly. This undermines user consent and platform enforcement because a user may install a seemingly harmless skill that can read secrets, write files, and place trades through external APIs.
