Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 70% confidence
- Finding
- Without declared permissions the skill's intent is opaque and cannot be validated.
Arrivelah
Security checks across malware telemetry and agentic risk
Overview
This is a narrow Singapore bus-arrival helper with disclosed network use; the main caveats are accidental activation from the word “bus” and sharing a configured stop code with the arrival API.
Install only if you are comfortable storing a usual bus stop and service in config.json and sending the stop code to the configured Arrivelah API when invoked. Consider changing or using a more explicit trigger than “bus” if accidental activation could expose travel habits.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
- MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)
Vague Triggers
Medium
- Confidence
- 94% confidence
- Finding
- This markdown file defines activation using a single common word: the description says "One-word trigger" and the usage example is just "bus." A generic noun like "bus" can easily appear in normal user conversation, making unintended invocation more likely, and the file provides no narrowing context or exclusion examples.
VirusTotal
66/66 vendors flagged this skill as clean.