Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 96%
- Finding: The skill declares a bash tool and explicitly describes sending user queries to a proxy server and TripGenie API, which implies outbound network access without a corresponding declared permission. This creates a transparency and governance gap: users or platform controls may not understand that prompts are transmitted to external services, increasing privacy, compliance, and policy-enforcement risk.
