We're scanning an Agent Skill with SkillSpector and keep hitting LP3 (MCP Least Privilege, MEDIUM). I want to check whether we're declaring things wrong, or whether SkillSpector expects a field that isn't in the open standard.
What we see:
- Our
SKILL.md declares capabilities with allowed-tools, the field defined by the Agent Skills standard (https://agentskills.io/specification).
- LP3 still fires: "no declared permissions but code capabilities were detected: shell."
- Adding a top-level permissions: [shell] clears LP3, but permissions isn't part of the standard and VS Code flags it as an unsupported attribute.
So the only thing that satisfies SkillSpector is a non-standard field that other tooling rejects.
Questions:
- Is permissions the field you intend skills to use, even though it's outside the open standard?
- If not, should LP3 also read allowed-tools so standard-compliant skills don't trip it?
- Is there a way to add exemptions to avoid such cases?
We're scanning an Agent Skill with SkillSpector and keep hitting LP3 (MCP Least Privilege, MEDIUM). I want to check whether we're declaring things wrong, or whether SkillSpector expects a field that isn't in the open standard.
What we see:
SKILL.mddeclares capabilities with allowed-tools, the field defined by the Agent Skills standard (https://agentskills.io/specification).So the only thing that satisfies SkillSpector is a non-standard field that other tooling rejects.
Questions: