Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 76% confidence
- Finding
- The skill performs networked data access and email-related actions but does not declare permissions or clearly constrain those capabilities. Undeclared capabilities reduce transparency and policy enforcement, making it easier for the skill to access repository data and trigger outbound communications without appropriate review.
