Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill declares no explicit permissions, yet its documented behavior includes reading environment variables, accessing files under the user's home directory, writing credentials to disk, and making network requests. This is dangerous because operators and users cannot accurately assess the trust boundary or consent to the full set of capabilities before use.
