Migration Runbook Generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent migration runbook drafting aid, with a disclosed local Python helper that reads a chosen input and writes a chosen output file.

Install this as a drafting tool, not an automation tool. Review the bundled script if provenance matters, use scoped input files, choose a safe output path, redact sensitive migration details where possible, and treat generated runbooks as human-review drafts before any operational change.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 90%
Finding:
The skill advertises no declared permissions, yet its instructions explicitly permit reading local resources, writing output files, and invoking a local Python script. This creates a capability/permission mismatch that can mislead policy enforcement, reviewers, or users into treating the skill as documentation-only when it can trigger code execution and filesystem effects.

Intent-Code Divergence

Medium
Confidence: 97%
Finding:
The skill's security boundary claims it only generates documents and does not directly operate on the system, but the work rules explicitly allow executing a local Python script. This contradiction is dangerous because operators may trust the safety statement and permit the skill in contexts where command execution is disallowed, enabling unexpected local code execution.

VirusTotal

65/65 vendors flagged this skill as clean.
