Back to skill

Security audit

Cyber Ir Playbook

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a defensive incident-response reporting tool that reads incident data and writes report files as expected.

Before installing, treat incident logs and generated reports as sensitive internal material. Run the skill only on files you intend to analyze, choose an appropriate output location, and review generated reports before sharing them outside your incident-response team.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill instructs the agent to read from bundled references and run a script that generates a report artifact, which implies file read and file write capabilities, but no permissions are declared. This creates a trust and containment gap: the runtime may permit filesystem access without clear user-visible authorization boundaries, increasing the risk of unintended data exposure or overwriting files if the implementation is broader than expected.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.