Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill declares no permissions, yet its documented behavior includes reading environment variables, accessing local files under ~/.upkuajing, writing credentials to disk, and making network/API requests. This is a real transparency and least-privilege issue because users and host systems are not given an accurate capability declaration, which can undermine trust and bypass policy-based controls.
