Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 87% confidence
- Finding
- The skill declares and documents Python code that uses both environment variables and outbound network access, but the manifest does not declare corresponding permissions/capabilities. This creates a transparency and policy-enforcement gap: users or the hosting platform may not realize the skill can read secrets from the environment and make external requests, which increases the risk of unintended secret exposure or unauthorized network activity.
