brand-sentinel

Security checks across malware telemetry and agentic risk

Overview

The skill appears to perform public brand-monitoring searches, with a notable accuracy/scoping bug but no evidence of hidden, destructive, or credential-stealing behavior.

Install only if you are comfortable reviewing the monitoring results manually. Treat alerts as noisy until the query behavior is fixed or verified to include the brand name in every search.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Description-Behavior Mismatch

High
Confidence: 95%
Finding
The skill claims to perform brand-specific monitoring, but the search queries are built only from the provided keywords and never include the brand parameter. This can cause collection of unrelated public content, producing misleading results and potentially contaminating downstream LLM risk assessment or automated alerting with false associations.

Intent-Code Divergence

Medium
Confidence: 91%
Finding
The inline comment states the code builds recency-constrained queries for brand monitoring, but the implementation omits the brand context entirely. This documentation/behavior mismatch increases the chance that operators trust the tool's output for reputation monitoring when it is not actually scoped to the requested brand.

VirusTotal

66/66 vendors flagged this skill as clean.
