GMNCODE Usage

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a disclosed API helper that uses credentials and token caching for its service, but users should treat the local token cache as sensitive.

Install only if you trust the service and publisher. Use a dedicated account or limited-scope credentials where possible, avoid pasting passwords into chat, inspect where the token cache is written, ensure it is not world-readable, and revoke or rotate the token if the environment is shared or compromised.

SkillSpector

By NVIDIA

Vulnerability Patterns

Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill explicitly instructs use of environment variables, local .env files, local scripts, shell commands, file access, and outbound HTTP requests, yet no permissions are declared. This creates a real least-privilege and transparency problem: an agent may read secrets, write token caches, and make authenticated network calls without an explicit permission boundary visible to users or the runtime.

Credential Access

High

Category: Privilege Escalation
Content: 脚本已经处理好了： - 通过 `/api/v1/auth/login` 登录 - access token 本地缓存 - 遇到 `401` / `INVALID_TOKEN` 时自动重新登录并重试一次 - dashboard 所需的 referer / headers
Confidence: 88% confidence
Finding: access token

VirusTotal

57/57 vendors flagged this skill as clean.

View on VirusTotal