Grant Mock Reviewer

Security checks across malware telemetry and agentic risk

Overview

This is a local NIH grant-proposal review helper with disclosed file input/output and no evidence of hidden access, exfiltration, persistence, or destructive behavior.

Install only if you are comfortable processing confidential grant drafts locally. Use deliberate input and output paths, review generated critiques before relying on them, and prefer TXT/MD input unless you verify PDF/DOCX extraction yourself.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding: The skill declares no permissions, yet its documented behavior includes reading proposal files and writing review outputs. This creates a governance and containment gap: operators and policy engines cannot accurately assess or restrict what the skill can access, increasing the chance of unintended file exposure or misuse if the implementation reads arbitrary paths or writes sensitive data to unsafe locations.

Tp4

Severity: High
Category: MCP Tool Poisoning
Confidence: 84%
Finding: The documented interface and stated purpose do not fully match actual/advertised behavior, including comparison mode and support for PDF/DOCX inputs that may not be implemented. Security reviewers and users may make incorrect assumptions about what the tool does, leading to unsafe handling paths, unreviewed code paths, or malformed document processing that broadens attack surface.

VirusTotal

66/66 vendors flagged this skill as clean.