Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 92%
- Finding: The skill documentation indicates use of the AION_API_KEY environment variable, but the skill declares no permissions despite requiring environment access. This creates a transparency and policy gap: an installer or reviewer may not realize the skill needs secret access, and a runtime may grant broader access than explicitly intended. In a trading skill, hidden or undeclared env usage is more sensitive because the referenced credential can enable market reads and potentially live trade execution.
