Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill directs the agent to read environment variables, access and modify files under the user's home directory, and make network/API calls, yet it declares no explicit permissions or safety boundaries. This weakens user consent and platform control because a caller may not realize the skill can inspect local secrets, persist credentials, and perform billable external actions.
