Back to skill

Security audit

Fulcra Context

Security checks across malware telemetry and agentic risk

Overview

This is a documentation-only Fulcra integration skill that asks agents to use user-approved, narrowly scoped access to sensitive personal context data.

Install this only if you want an agent to access Fulcra data. Keep use in private sessions, approve sensitive reads such as calendar, location, health, or file access, do not publish real records unless you explicitly intend to, and protect OAuth/session tokens and credential files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
The skill metadata and repeated prose position this as a bounded read/context workflow, but the file-library section explicitly lists write-capable operations such as upload, delete, and restore. That mismatch can cause an agent to over-trust the skill's safety boundary and invoke mutating operations in contexts where only read access was expected.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.