Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill declares no explicit permissions, but its documented behavior clearly requires access to environment variables, local files, and outbound network connections. This mismatch weakens review and containment because consumers may not realize the skill can read API keys and transmit user-supplied content to third-party services. In a security-focused skill, undeclared capabilities are especially risky because users may provide sensitive text, URLs, or media for scanning.
