Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 85%
- Finding: The skill performs privileged actions such as reading an environment variable and making outbound network requests, but it does not declare corresponding permissions. This creates a transparency and policy-enforcement gap: a host may permit the skill under the assumption it is low-risk, while it can still access secrets and transmit user queries externally.
