Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill advertises shell, network, and environment-driven behavior but does not declare permissions, which weakens transparency and informed consent for a highly privileged automation skill. In this context, the omission is risky because the bundled runtime can build software, install dependencies, and control the host, so users may execute it without understanding the full trust boundary.
