Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 85%
- Finding: The skill requires access to environment-stored credentials and performs networked operations against Zotero, but the manifest does not explicitly declare corresponding permissions. This weakens transparency and reviewability: users and policy engines may not realize the skill can read secrets and send data externally, increasing the risk of unintended credential use or data exfiltration.
