Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 94%
- Finding: The skill invokes a Python script that uses environment variables, reads credential files, and makes network requests, but the skill declares no permissions for these capabilities. This creates a trust and review gap: an agent or user may invoke the skill without realizing it can access local secrets and transmit data externally, which is especially sensitive because API credentials are sourced from multiple local locations.
