Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 86% confidence
- Finding
- The skill advertises executable behavior that implies file access, network access, environment access, and report writing, but it declares no permissions at all. This creates a transparency and governance gap: users and platforms cannot accurately assess what resources the skill will touch, increasing the chance of overbroad or unexpected data access during execution.
