Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill directs the agent to use network access and handle a sensitive API key, but it does not explicitly declare those capabilities as permissions or warn about them in metadata. This can cause users or orchestration systems to invoke the skill without understanding that it will contact an external service and may persist credentials, reducing informed consent and weakening policy enforcement.
