Lp3
Medium
- Category: MCP Least Privilege
- Confidence: 93%
- Finding: The skill declares no explicit permissions while clearly requiring both secret environment access (`WERYAI_API_KEY`) and outbound network access to third-party WeryAI endpoints. This under-declaration is dangerous because installers and reviewers may not realize the skill can exfiltrate data to an external service or incur paid API usage, especially given the documented possibility of local image upload.
