TrustSkills
BlogCompareGlossaryDetections

Definition

Least privilege

A security principle requiring that every component in a system — including AI agent skills — operate with only the minimum permissions necessary to perform its intended function. A skill designed to summarize documents should have read access to documents, not write access to your file system or the ability to execute shell commands. Applying least privilege to agent skills reduces the blast radius of a compromise or misconfiguration.

How TrustSkills detects this

TrustSkills scans OpenClaw and ClawHub skills for least privilege patterns before you install them. The scanner returns plain-English findings — no CVE IDs, no security jargon — with a risk level and a clear explanation of what was found.

Scan a skill freeHow we detect least privilege

Related terms

Excessive agency

OWASP's term (LLM06:2025) for the condition where an AI agent is granted more capabilities, permissi

Permission scope

The set of capabilities and data access a skill declares in its manifest and actually uses at runtim

Trust boundary

A point in a system architecture where trust assumptions change — where data or control moves from a