html-deploy-easy

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed helper for publishing and managing user-chosen single-file HTML pages on htmlcode.fun, with public-content risks but no hidden credential access or persistence.

Install this only when you want an agent to publish selected HTML to htmlcode.fun. Review HTML for secrets before upload, and require explicit user intent before overwriting, unpublishing, switching the current version, fetching existing content, or deleting a version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 90%
Finding
The skill description promises simple HTML publishing, but this code also supports listing versions, switching the current public version, overwriting content, changing publication status, deleting versions, and downloading existing deployed content. In an agent setting, this expands authority from one-way publish to full remote content administration, increasing the chance of unintended destructive changes or exfiltration of previously deployed content when the skill is invoked under a broader or misleading mental model.

VirusTotal

65/65 vendors flagged this skill as clean.
