Pipeworx abuseipdb

Security checks across malware telemetry and agentic risk

Overview

This skill is mostly coherent for AbuseIPDB lookups, but it can submit external abuse reports through an unreviewed hosted gateway without clear confirmation or credential details.

Use this only if you trust the Pipeworx hosted MCP gateway and are comfortable sending IP addresses and abuse-report details to external services. Treat check_ip and get_blacklist as external lookups, and require explicit human approval before report_ip is used.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill exposes a `report_ip` action that sends user-supplied data to an external AbuseIPDB service, but the description does not clearly warn users that invoking this action transmits information off-platform. This can lead to unintended disclosure of IP addresses, incident context, or other sensitive investigative data, especially in environments where users may assume actions are local or read-only.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal