Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 93% confidence
- Finding
- The skill clearly performs outbound network access by auditing arbitrary URLs, but the metadata shown does not declare any corresponding permission. Undeclared network capability is a security issue because it weakens platform trust boundaries, prevents accurate policy enforcement, and may allow unexpected external requests or scanning behavior under the guise of a benign audit skill.
