Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 83% confidence
- Finding
- The skill declares no permissions in metadata while the accompanying analysis indicates capabilities such as file access, environment access, network use, and shell execution. For a security auditing tool, these capabilities may be functionally justified, but failing to declare them reduces transparency and undermines informed consent and sandboxing decisions.
