Back to skill

Security audit

WordPress

Security checks across malware telemetry and agentic risk

Overview

This is a documented WordPress.com API helper that uses Maton OAuth access; it has broad account/content capabilities but no hidden execution or malicious behavior in the artifacts.

Install only if you trust Maton to mediate your WordPress.com OAuth access. Keep MATON_API_KEY private, use the Maton-Connection header when more than one account is connected, and require explicit confirmation before publishing, editing, deleting, liking/unliking, listing site users, or changing account settings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The skill manifest presents the integration as content management for posts, pages, sites, and content, but the documentation also exposes connection lifecycle management and account-scoped operations. That capability expansion can cause an agent or user to authorize broader actions than expected, increasing the risk of unintended account changes or OAuth connection misuse.

Description-Behavior Mismatch

Low
Confidence
84% confidence
Finding
The skill advertises content-management use, but it also supports social actions such as likes and reblog-status checks. This mismatch can lead to user surprise and unauthorized-seeming social interactions, though the direct security impact is lower than account-management or deletion features.

Description-Behavior Mismatch

Medium
Confidence
92% confidence
Finding
User enumeration is broader than the declared content-management purpose and can expose names, emails, and roles of site members. That creates unnecessary data exposure and can support phishing, privilege mapping, or targeting of administrators.

Description-Behavior Mismatch

Medium
Confidence
93% confidence
Finding
Account-level settings modification is not disclosed by the manifest and exceeds the expected scope of content management. Hidden profile or preference mutation increases the chance of unauthorized account changes and erodes informed consent about what the skill can do.

VirusTotal

62/62 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.