Implementation Readiness Checker

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a local readiness/audit helper that scans files and writes reports, with no evidence of exfiltration, destructive behavior, or persistence.

Install only if you want a local checker to inspect the project or skill files you point it at. Run it from a narrow workspace, review where it writes output, and avoid invoking it on home directories, credential stores, or unrelated private projects.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (3)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 88%
Finding:
The skill advertises and instructs use of local file reads, file writes, and shell execution via `python3 .../scripts/run.py`, but does not declare corresponding permissions or constraints. This creates a capability transparency problem: callers and policy systems may treat the skill as low-risk while it can actually access local data and execute code, increasing the chance of unintended data exposure or unsafe execution.

Tp4 (High)

Category: MCP Tool Poisoning
Confidence: 93%
Finding:
The declared purpose is a readiness checker, but the analyzed behavior indicates substantially broader functionality: directory scanning, regex-based content inspection, skill integrity auditing, data profiling, and writing rendered output. This mismatch is dangerous because it can conceal security-relevant behavior behind an innocuous description, causing users or automated governance to authorize a skill that can inspect sensitive files and produce artifacts outside the expected scope.

Vague Triggers (Medium)

Confidence: 87%
Finding:
The trigger examples are broad natural-language phrases that can overlap with ordinary project discussion, increasing the chance that the skill is invoked unintentionally. In a gating/readiness workflow, accidental invocation can misroute user intent, generate misleading readiness assessments, or interfere with approval-related processes even if the skill itself is read-only.

VirusTotal

66/66 vendors flagged this skill as clean.
