Back to skill

Security audit

Floating Product Generator

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for a third-party product-generation API, but users should know their prompts and API token are handled outside the local environment.

Install only if you are comfortable sending product prompts and related request data to the external Neta/TalesOfAI service. Avoid submitting secrets or confidential product information, and prefer an environment variable or secure prompt over a command-line token flag.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill invokes an external API and requires a user-supplied token, which implies network access, but the manifest does not declare corresponding permissions. This creates a transparency and trust problem: users and platforms may not realize the skill can transmit prompts and credentials off-box, increasing the risk of unintended data exposure or policy bypass.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README explicitly states that user prompts are sent to a third-party API and that output is returned from that service, but it does not clearly warn users that their prompt content and possibly related metadata leave the local environment. This creates a real privacy and data-handling risk because users may submit sensitive commercial, personal, or proprietary product information under the assumption the skill is purely local.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script requires an API token via the --token command-line flag and even documents that usage in its help text. Command-line arguments are commonly exposed through shell history, process listings, job control tools, and system monitoring, which can leak reusable credentials to other local users or logs.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.