Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 92% confidence
- Finding
- The skill instructs the agent to fetch content from arbitrary `mp.weixin.qq.com` URLs over the network, but the skill metadata does not declare any corresponding network permission. Undeclared capabilities are dangerous because they bypass least-privilege review and make it harder for operators to understand what external access the skill can perform.
