Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill advertises required environment variables in metadata and its example invokes a local Python script that will read a private key file and make outbound authenticated API requests, yet the skill does not declare corresponding permissions. Undeclared access to environment variables, local files, and network creates a transparency and policy-enforcement gap: users and hosts may not realize the skill can read secrets and transmit data externally.
