Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 81% confidence
- Finding
- The skill declares environment requirements but operationally instructs the agent to perform network access to GitHub, GitHub Trending, Telegram, and Resend. Undeclared capabilities reduce transparency and can bypass user expectations or policy enforcement around networked skills.
