Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 97% confidence
- Finding
- The skill invokes shell commands, accesses environment variables, writes files, and performs network-backed operations, yet it declares no permissions or equivalent user-facing capability boundaries. This is dangerous because users and the host agent may not realize the skill can read secrets, persist data, and call external services, increasing the risk of overbroad execution and unintended data exposure.
