Back to skill

Security audit

KPN Korea Content Judgment

Security checks across malware telemetry and agentic risk

Overview

The skill is a disclosed external advisory integration for Korean content decisions, with an optional contact-registration feature users should only use intentionally.

Install only if you are comfortable sending Korean-content business questions to persona-mcp-server.onrender.com. Do not provide email, webhook, wallet, or operator details unless you explicitly want notification about paid-tier resumption, and do not treat the advisory verdict as permission for the agent to make payments, sign contracts, or negotiate for you.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
96% confidence
Finding
The file implements an extra contact-registration feature that is outside the stated Korea-content judgment scope, expanding the skill's attack surface and data-handling behavior. Even if legitimate, this creates an unexpected pathway to transmit user-supplied personal or operational contact details to a third-party service, which is risky in an agent skill expected only to submit questions and return verdicts.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The contact-registration call sends potentially sensitive contact fields such as webhook URL, email, operator identity, and wallet address to an external endpoint without any disclosure or consent mechanism in this file. In an agent context, that can lead to silent exfiltration of user or operator contact data to a third party, especially if higher-level callers pass through profile data automatically.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.