Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill metadata declares no required environment permissions, yet the documented functionality and referenced files imply access to environment variables, shell execution, and local file reads/writes. This mismatch is dangerous because operators and policy systems may approve the skill under a lower-trust profile than it actually needs, enabling unexpected command execution or data access.
