Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 91% confidence
- Finding
- The skill instructs the agent to run a bundled Python script that queries Eastmoney's public API, which is a real network capability, but the skill metadata does not declare any corresponding permission. Undeclared network access is dangerous because it bypasses user and platform expectations, can exfiltrate task data in requests, and makes the skill's behavior less auditable even if the stated use case is legitimate security-code resolution.
