Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 87% confidence
- Finding: The skill documentation indicates capabilities to access environment variables and make outbound network requests, yet it declares no corresponding permissions. This creates a transparency and policy-enforcement gap: the skill may read secrets such as API keys from the environment and transmit user prompts or derived data to an external service without explicit consent or review. In this context, the risk is heightened because the skill explicitly depends on an API key and an external image-generation endpoint.
