Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill explicitly relies on environment variables for authentication and instructs use of a Python helper that makes network calls to the NextDNS API, yet no permissions are declared. That creates a transparency and policy gap: an agent or reviewer may not realize the skill can access secrets and exfiltrate data over the network, which is especially sensitive here because DNS logs and profile data can reveal browsing activity.
