Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 92%
- Finding: The skill declares no permissions even though the specification clearly requires file reads/writes, network access, shelling out to pip/openclaw, and persistent background behavior. This is dangerous because users and policy engines cannot accurately assess or constrain what the skill can do, creating a transparency and consent failure around broad capabilities.
