ThermikBuddy

Security checks across malware telemetry and agentic risk

Overview

This skill runs local weather-forecast scripts and contacts weather services for selected locations, which fits its stated soaring-weather purpose.

Install only if you are comfortable letting the agent run the bundled Python forecast code and make outbound weather requests for selected regions or custom coordinates. Avoid entering unnecessarily precise private locations, and confirm the intended version because the package metadata is inconsistent.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 82%
Finding:
The skill instructs the agent to invoke a Python script that performs network-backed weather retrieval, but no explicit permissions are declared. Undeclared network capability weakens reviewability and consent boundaries because the skill can access external services without that access being transparently documented. In this context the data requested is weather data, so the impact is limited compared with skills handling secrets or sensitive user content, but it is still a real policy and security issue.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 91%
Finding:
The declared behavior says the skill uses Open-Meteo/ICON-D2 for soaring forecasts, but the analysis indicates additional external sources and capabilities, including DHV scraping, GFS fallback, region listing, and arbitrary coordinate input. This mismatch is dangerous because reviewers and users may approve the skill under a narrower trust model while it actually sends data to more endpoints and performs broader operations than disclosed. The weather context makes the payload less sensitive than finance or healthcare, but arbitrary coordinates can still expose user location and the hidden network surface raises supply-chain and privacy risk.

VirusTotal

64/64 vendors flagged this skill as clean.
