eCRF Designer

Security checks across malware telemetry and agentic risk

Overview

This is a simple local CRF template generator that writes a user-named JSON file, with no evidence of hidden network access, credential use, persistence, or destructive behavior.

Install only if you are comfortable running a local Python script that writes a CRF JSON file. Run it in a workspace, avoid sensitive or system output paths, and review generated CRF specifications before using them in regulated clinical workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill metadata advertises file-writing capability and local script execution behaviors, but it does not declare explicit permissions or enforcement boundaries for those actions. This creates a real security gap because agents or users may invoke the skill assuming a lower privilege profile than it actually needs, increasing the chance of unintended file modification in the workspace.

Missing User Warnings

Low
Confidence
80% confidence
Finding
The markdown states that Python/R scripts may execute locally and output files may be written, but it does not clearly warn users about the security implications of local execution, file creation, or possible overwrites. While the document is descriptive rather than executable, the missing user-facing warning can contribute to unsafe use and reduces informed consent around potentially risky behavior.

VirusTotal

66/66 vendors flagged this skill as clean.
