Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 86%
- Finding: The skill declares only Bash and Read tools, but its documented behavior includes network-dependent operations such as DuckDuckGo searches and outbound LLM API calls. This undeclared capability weakens operator visibility and permission boundaries, making it easier for data to be transmitted externally without an explicit permission declaration.
