Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill documentation instructs use of a bundled script that reads an environment variable (`IDFM_PRIM_API_KEY`) and makes outbound network requests, but the skill declares no permissions for those capabilities. This creates a transparency and governance gap: users or platforms may execute code with access to secrets and the network without explicit consent boundaries, increasing the risk of secret misuse or unexpected data exfiltration if the script is changed or behaves unsafely.
