Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill explicitly requires sensitive environment variables and invokes bundled Python scripts that will likely perform filesystem reads and network requests, yet it declares no permissions model beyond metadata requirements. This creates a governance gap: callers and reviewers are not given clear, enforceable visibility into the skill's effective capabilities, increasing the risk of unintended data access or outbound exfiltration through the scripts.
