Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill explicitly relies on environment variables for OAuth credentials and makes outbound API calls, but the manifest does not declare corresponding permissions. That creates a transparency and policy-enforcement gap: a host may expose env/network access without users realizing the skill needs them, or may be unable to enforce least privilege consistently.
