Iccircle News

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public semiconductor-related RSS feeds and prints links, with no evidence of hidden data access, persistence, or destructive behavior.

Install only if you are comfortable with the agent contacting the listed news sites when you ask for chip or semiconductor news. The skill does not appear to use private local data or credentials, but restricted environments may still want to control or log outbound RSS requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3 (Medium)

Category: MCP Least Privilege
Confidence: 89%
Finding: The skill invokes a Python script that fetches multiple external RSS feeds, which is a network capability, yet the skill declares no permissions. This creates a transparency and governance gap: users or platform controls may not realize the skill performs outbound requests, reducing review quality and potentially bypassing expected consent or policy checks.

Tp4 (High)

Category: MCP Tool Poisoning
Confidence: 84%
Finding: The skill description says it fetches semiconductor news from IC技术圈, but the documented behavior includes several additional third-party sources and broader tech feeds filtered locally. This mismatch is security-relevant because it obscures the true data flows and trust boundaries, which can mislead users and reviewers about what external content is accessed and presented.

VirusTotal

65/65 vendors flagged this skill as clean.
