Hunter Search v1.0

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does the advertised Hunter export workflow, but it needs review because its download code can save files using a server-provided filename without path safety checks.

Install only if you need QAX Hunter batch exports and trust the publisher. Use a limited Hunter API key through an environment variable, avoid pasting keys into chat or files, and specify a safe output filename or patch the script to sanitize download filenames before running it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 93% confidence
Finding: The skill documentation indicates it uses environment variables and makes outbound network requests, but it does not declare corresponding permissions. Undeclared capabilities reduce transparency and weaken policy enforcement, which can lead to unintended secret access or external data transmission when the skill is invoked.

Vague Triggers

Medium

Confidence: 90% confidence
Finding: The trigger text is broad enough to activate on generic mentions of Hunter, asset mapping, batch export, or task_id downloads without clear user intent boundaries. Over-broad activation can cause the agent to load a network-capable skill unexpectedly, increasing the chance of unintended API use, secret exposure, or execution in the wrong context.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal