Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill metadata exposes operational capabilities requiring environment variables, Python execution, and implied network access, but it does not declare permissions or present these capabilities transparently to users. This can cause agents or users to invoke a networked, credential-using skill without informed consent or proper policy gating, especially because it sends prompts to a third-party API.
