Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 93%
- Finding: The skill clearly describes capabilities that read and write local files and perform network operations, but the manifest does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: downstream systems or reviewers may underestimate the skill’s reach, and the skill can be invoked in contexts that did not explicitly approve mailbox access, attachment writes, or outbound email/network use.
