AIML Content Moderation

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward AIMLAPI-based content safety checker, with the main risk being that submitted content is sent to a third-party service.

Install only if you are comfortable sending the content you check to AIMLAPI and providing an AIMLAPI_API_KEY in the environment. Avoid submitting secrets, private customer data, or regulated personal data unless your AIMLAPI terms and data-handling requirements allow it.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 88%
Finding:
The skill declares use of an API key and describes invoking a remote safety-check script, which implies environment-variable access and outbound network access, but those capabilities are not explicitly declared as permissions. This can mislead reviewers and users about the skill's actual trust boundary, especially because user-submitted content is sent to an external service.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 95%
Finding:
The skill description says it classifies text or images as safe or unsafe, but the provided usage only shows text moderation and sends content to a third-party service without disclosing that behavior in the description. This mismatch can cause users to submit sensitive content under false assumptions about functionality and data handling, creating privacy, compliance, and trust risks.

Missing User Warnings

Severity: Medium
Confidence: 91%
Finding:
The script sends the full user-provided --content to a third-party API for moderation, but the code provides no explicit user-facing disclosure or consent step at the point of transmission. In a safety-check skill, users may reasonably expect local analysis, so this can create privacy, compliance, or data-handling risk if sensitive prompts, secrets, or personal data are submitted.

VirusTotal

65/65 vendors flagged this skill as clean.
