Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill invokes a Python script that depends on an environment variable and performs outbound web searches, yet the manifest does not explicitly declare those capabilities as permissions. This creates a transparency and policy-enforcement gap: users or orchestration systems may not realize the skill can read environment configuration and send data over the network, which can lead to unintended data exposure or bypass of permission review.
