Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill declares no explicit permissions, but its metadata and examples clearly indicate shell execution and outbound network access via curl/python3 to SerpAPI. This creates a real permission/transparency gap: users or policy systems may treat the skill as lower risk than it is, even though it can transmit user-supplied queries and API credentials to external services.
