Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The manifest documents substantial capabilities including shell execution, filesystem access, environment-variable use, and network retrieval, but does not declare permissions or clearly constrain them. This creates a transparency and policy-enforcement gap: an agent or reviewer may assume a safer local-only skill while the documented workflows can read/write files and reach external URLs.
