Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill documentation clearly describes capabilities to read and write ~/.openclaw/openclaw.json and invoke shell commands such as restarting the gateway, yet no explicit permissions are declared. This creates a transparency and governance gap: users and the platform may not be able to enforce least privilege or make an informed trust decision before installation.
