Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill declares no permissions, yet its documented behavior includes reading environment variables, accessing files under the user's home directory, writing credentials to disk, and making network requests. This creates an authorization/transparency gap: a user or platform may permit a seemingly simple data-query skill without realizing it can access local secrets and perform external actions.
