retarus-sms4a

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Retarus SMS helper that does what it says, though it should only be used where sending real SMS messages is intended.

Install this only on agents that are allowed to operate a Retarus SMS account. Prefer managed secrets or environment variables over command-line passwords, restrict network access to Retarus SMS4A hosts where possible, and require a dry run or human approval showing recipients, message text, datacenter, and payload before sending real SMS jobs.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 94% confidence
Finding: The skill instructs use of environment variables, local secret files, file reads, and outbound network access, but the skill metadata does not declare corresponding permissions. This creates a trust and containment gap: an agent may access credentials and external endpoints beyond what operators expect, increasing the risk of unintended secret exposure or unauthorized SMS transmission.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal