Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 86% confidence
- Finding
- The skill instructs the agent to run a Python script that accesses network resources and likely reads environment variables, yet the skill file declares no permissions or capability requirements. This creates a transparency and policy-enforcement gap: operators may approve or invoke the skill without realizing it can make outbound requests and use secrets from the environment.
