Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill declares only the bash tool and environment variables, but its documented execution clearly performs outbound network access through a proxy to TripGenie/Trip.com APIs. Undeclared network capability reduces transparency and policy enforcement, making it easier for a skill to exfiltrate user-provided travel queries or send unexpected data to external services without explicit review.
