Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 93%
- Finding: The skill explicitly uses environment variables, local config file reads, and network access to operate, but does not declare these permissions. That creates a transparency and consent problem: users and the platform are not clearly informed that the skill can read credentials from disk/environment and call external APIs. In a security-sensitive integration, undeclared capability to access secrets and the network is a real risk even if it is part of intended functionality.
