Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill documentation instructs users to supply an API key via environment variable or CLI flag and describes scripts that call an external service, which implies both environment access and network access. When a skill uses sensitive capabilities without explicitly declaring permissions, users and reviewers may not understand the trust boundary or data exfiltration risk, especially because prompts, images, and API credentials may be sent to a third-party service.
