Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill declares only local tools, but its documented behavior clearly relies on environment secrets (BAIDU_VOD_AK/SK), shell execution, and outbound network access to Baidu VOD and possibly netdisk. This hidden capability boundary is dangerous because users and policy systems cannot accurately assess what data leaves the host or what credentials are required.
