Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill declares a narrow purpose but documentation indicates capabilities to read environment files, write credentials to disk, and make network/payment-related calls without an explicit permission model. That expands the trust boundary and can surprise users or orchestrators that rely on the declared metadata to decide whether a skill is safe to invoke.
