Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 95% confidence
- Finding: The skill clearly requires sensitive environment variables and performs networked Gmail operations, but the manifest does not declare corresponding permissions. This creates a policy and transparency gap: an agent or platform may invoke a skill with mailbox-reading, email-sending, and deletion capabilities without explicit permission gating, increasing the risk of unintended data access or destructive actions.
