Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 89%
- Finding: The skill documentation describes capabilities to read environment variables, read and write files, and make network requests, but it does not declare any corresponding permissions. This creates a transparency and control gap: operators may approve or run the skill without understanding that it can access secrets via env vars, send patient data to external services, and persist processed records locally under some flags.
