Security audit
Pipeworx wikifeed
Security checks across malware telemetry and agentic risk
Overview
This skill is a simple connector for public Wikipedia feed lookups through a disclosed Pipeworx remote MCP endpoint.
Install only if you are comfortable sending Wikipedia lookup queries to Pipeworx's remote MCP service. Avoid including private context in prompts that call this skill, since the artifact does not document the remote service's logging or retention practices.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
66/66 vendors flagged this skill as clean.