Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill clearly requires network access and reads an API key from the environment/.env, but the metadata does not declare permissions or prominently warn about those capabilities. This can mislead operators and users about what the skill can access and transmit, increasing the chance of unintended data exposure or policy bypass when the skill is enabled.
