Cn LLM

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward remote LLM client for AIsa that uses a declared API key and sends user-requested prompts to AIsa, with no hidden persistence or unrelated system access found.

Install this only if you intend to use AIsa as a remote LLM provider. Use a scoped or quota-limited AISA_API_KEY where possible, and avoid sending confidential, regulated, or proprietary prompts unless you are comfortable with AIsa receiving that content.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill declares required environment variables and clearly supports a Python client that will make outbound API calls, but it does not declare corresponding permissions for environment and network access. This creates a policy/visibility gap: a host may invoke the skill without users or reviewers understanding that secrets will be read from the environment and transmitted to an external service.

Missing User Warnings

Medium

Confidence: 87% confidence
Finding: The CLI sends user prompts and conversation history to a remote third-party API, but the interactive flow provides no explicit disclosure or warning at the point of use. This can lead to accidental transmission of sensitive data, especially because users may assume a local operation when using a command-line tool.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal