Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 95% confidence
- Finding
- The skill explicitly performs outbound network requests and allows the API base URL to be overridden via an environment variable, yet it does not declare corresponding permissions. This creates a transparency and policy gap: users and host frameworks may not realize the skill can exfiltrate user-supplied blockchain addresses, URLs, transaction data, and free-text queries to a remote service.
