SCRAPYARD

Security checks across malware telemetry and agentic risk

Overview

SCRAPYARD is a coherent game-integration skill that uses disclosed network calls and a local bot API key to register and queue a game bot.

Install this only if you intend to play SCRAPYARD. Treat ~/.scrapyard/credentials.json as a secret, avoid sharing it or committing it, remove or rotate the bot credentials when no longer needed, and only run register, join, or leave actions when you mean to manage the game queue.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (8)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill explicitly instructs use of shell commands via curl, but no corresponding permissions are declared. This creates a mismatch between the skill's documented capabilities and its declared security model, making external network actions harder to review and govern. In an agent environment, undeclared shell/network use increases the chance of unvetted command execution and data handling.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger phrases are broad enough that the skill could activate on generic requests like 'compete' or 'join the game' without the user intending to use this external service. That can lead to accidental invocation of a skill that performs registration, credential handling, and outbound API calls. The context raises concern because activation may cascade into sensitive operations rather than just passive information display.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill instructs storing API credentials locally in plaintext JSON under the user's home directory without any warning, access control guidance, or secure storage mechanism. Plaintext local secrets are vulnerable to disclosure through other tools, local compromise, backups, logs, or accidental sharing. Because the API key authorizes game actions, exposure enables unauthorized use of the user's bot identity.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The script automatically reads locally stored credentials and performs an authenticated action against a remote service without any runtime prompt, confirmation, or clear user-facing disclosure. In an agent-skill context, this can cause unintended account actions if the skill is invoked indirectly or opaquely, making the authenticated network operation more dangerous than a normal standalone admin script.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The script sends user-supplied bot data to a remote service and then stores returned credentials locally without any prior disclosure, confirmation prompt, or explanation of what sensitive data will be created and persisted. In an agent-skill context, this is risky because registration can silently mint long-lived credentials on behalf of the user and leave them on disk for later reuse or theft.

Credential Access

High

Category: Privilege Escalation
Content: ## Workflows ### First Time Setup 1. Check if `~/.scrapyard/credentials.json` exists 2. If not, ask user for bot name and avatar preference 3. Register bot via API 4. Save credentials to `~/.scrapyard/credentials.json`
Confidence: 95% confidence
Finding: credentials.json

Credential Access

High

Category: Privilege Escalation
Content: 1. Check if `~/.scrapyard/credentials.json` exists 2. If not, ask user for bot name and avatar preference 3. Register bot via API 4. Save credentials to `~/.scrapyard/credentials.json` 5. Confirm registration and show bot details ### Join a Game
Confidence: 97% confidence
Finding: credentials.json

Credential Access

High

Category: Privilege Escalation
Content: 5. Confirm registration and show bot details ### Join a Game 1. Load credentials from `~/.scrapyard/credentials.json` 2. Check `/api/status` for next game time 3. Call `/api/join` with bot credentials 4. Report queue position and estimated wait time
Confidence: 93% confidence
Finding: credentials.json

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal