Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 70% confidence
- Finding
- Without declared permissions the skill's intent is opaque and cannot be validated.
Durable Files Weekly Review (Public)
Security checks across malware telemetry and agentic risk
Overview
This skill locally reviews a fixed set of workspace markdown files and creates a report, with cleanup edits explicitly requiring user approval.
Install only if you are comfortable with the skill reading the listed durable workspace files. Review the generated report before acting, and approve deletions or edits only after checking the specific content proposed for removal.
SkillSpector
By NVIDIA
Vulnerability Patterns
- MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)
VirusTotal
66/66 vendors flagged this skill as clean.