weekly-report-generator

Security checks across malware telemetry and agentic risk

Overview

This skill reads Git history from repositories the user configures and turns it into a Chinese weekly report, with no evidence of hidden network access, persistence, or destructive behavior.

Install this only if you are comfortable sharing commit messages and changed-file paths from the repositories you list in config.conf. Create and review config.conf yourself, include only intended repositories, and do not run it with a config file from an untrusted source.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 95%
Finding
The skill’s declared purpose is to generate a weekly report, but the observed behavior expands into reading local configuration, enumerating multiple local repositories, and dumping raw commit logs with file-level statistics. This creates a data exposure risk because commit messages, repository names, file paths, and change summaries may contain sensitive internal information, while the mismatch also undermines user consent and trust about what data the skill accesses and outputs.

VirusTotal

64/64 vendors flagged this skill as clean.
