Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill performs sensitive actions—reading an API key from the environment, uploading user documents to an external cloud service, and writing files such as downloaded screenshots—yet it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: an agent or user may invoke the skill without clear awareness that local files and document contents will be transmitted off-box and that files may be written locally.
