Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 94% confidence
- Finding
- The skill declares only a Bash tool requirement, but its metadata and documented behavior clearly require access to environment variables containing credentials and network connectivity to a remote/local MyBooks service. This mismatch weakens policy enforcement and user understanding, because a reviewer may not realize the skill can read secrets and transmit data over the network.
