Pipeworx country-state-city
Security checks across malware telemetry and agentic risk
Overview
This is a simple read-only lookup skill that points users to an external CountryStateCity MCP service and does not ask for local files, credentials, or installation scripts.
Before installing, confirm that you trust the Pipeworx gateway because your country/state/city lookup queries will be sent there. No local credential or system-access behavior is disclosed in the skill.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.