Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill explicitly directs reading workflow files and using a relay-validation script to probe HTTP endpoints such as /health, /poll, /send, and attachment URLs, which indicates real network-capable behavior despite no declared permissions. Undeclared network access weakens security review and least-privilege controls, and in this context could enable unintended outbound requests, SSRF-style misuse against operator-supplied endpoints, or data exfiltration during troubleshooting.
