Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 89%
- Finding: The skill declares no permissions, but its documentation clearly indicates use of environment variables and outbound network access to call the AI Skills API. This creates a permission/capability mismatch: reviewers or policy engines may assume the skill is passive when it actually depends on secrets and external communication. In this context, the behavior appears expected for the skill’s function, but undeclared capabilities still reduce transparency and can enable misuse or accidental overtrust.
