Pipeworx comtrade
Security checks across malware telemetry and agentic risk
Overview
This is a simple UN Comtrade data lookup connector that uses a remote Pipeworx MCP endpoint and shows no local code, credential access, persistence, or hidden behavior.
Reasonable to install for UN Comtrade lookups. Avoid including unrelated sensitive information in prompts that use this skill, because relevant requests may be handled by the remote Pipeworx MCP endpoint.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.