Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill instructs use of Python scripts that access environment variables, read and write files under the user's home directory, and call external APIs, yet it declares no permissions. This creates a transparency and consent problem: an operator may invoke a skill believing it is low-risk while it can access credentials, persist data, and perform network actions with billing consequences.
