Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 96% confidence
- Finding
- The skill invokes shell execution, spawns sub-agents, performs network access, and writes files, yet declares no permissions or capability boundaries. This creates an authorization gap: users and the platform cannot clearly understand or constrain the skill's ability to download remote content, execute commands, and persist artifacts, increasing the chance of unintended high-impact actions.
