Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill advertises no explicit permissions, yet its documented behavior requires environment access, reading and writing local files, and making network requests. This is dangerous because users and calling frameworks cannot accurately assess the skill's real trust boundary, which can lead to unintended credential exposure, silent local state changes, or external data transmission.
