Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 90% confidence
- Finding
- The skill documents executable scripts that use outbound network access and at least one environment variable (`CMC_API_KEY`), but no permissions are declared. That creates a transparency and policy-enforcement gap: an agent or reviewer may assume the skill is passive documentation while it can actually make external calls and read secrets from the environment. In an agent setting, undeclared capabilities increase the risk of unintended data egress, secret exposure, or execution in contexts that would otherwise deny those capabilities.
