Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 91%
- Finding: The skill embeds executable Python that accesses environment variables and makes authenticated network calls to HubSpot, yet the skill metadata declares no permissions. That creates a trust and review gap: an agent or user may approve the skill believing it is documentation-only, while it actually has secret-access and external API capabilities.
