Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 88% confidence
- Finding
- The skill explicitly requires outbound network access to third-party market-data services, yet no permissions are declared. This creates an authorization and transparency gap: operators and users cannot accurately assess or constrain what external communication the skill performs, which is risky in an agent setting.
