Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 97%
- Finding: The skill clearly invokes Python and shell snippets that read environment variables, scan local files, package workspace contents, and send data to external Trent services, yet it declares no permissions. This creates a trust and consent gap: users and platforms cannot accurately reason about the skill's capabilities, increasing the risk of unexpected data access and exfiltration during a security audit workflow.
