Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 89% confidence
- Finding
- The skill exposes environment- and network-driven operational capabilities while declaring no explicit permissions, which weakens informed consent and safety review. In this context, the skill also initiates wallet management, signing, and blockchain interactions, so the undeclared capability surface makes it easier for an agent or operator to underestimate the risk of external communication and fund-moving behavior.
