Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill advertises and documents network-backed search behavior, but the metadata shown in SKILL.md does not declare corresponding permissions. In an agent ecosystem, missing permission declarations weaken user consent and policy enforcement because the skill can exercise network or MCP-like capabilities that are not transparently disclosed.
