Back to skill

Security audit

eKYC Suite AI Guardian

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed cloud client for checking consented face photos or videos, with some dependency and privacy-documentation hardening needed but no evidence of hidden or malicious behavior.

Install only if you trust the configured eKYC Cloud endpoint and understand that consented face photos or videos and the API credential are sent to that backend. Prefer a pinned, reviewed requests version and review the backend's retention and access policies before using it for real KYC workflows.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill declares environment variables and its metadata references a Python script, but there is no explicit permissions section describing access to network, files, and secrets. That mismatch can mislead operators and agents about the skill's effective capabilities, especially because it sends sensitive face media and API credentials to a cloud backend in a high-sensitivity eKYC context.

Unpinned Dependencies

Low
Category
Supply Chain
Content
requests>=2.31.0
Confidence
95% confidence
Finding
requests>=2.31.0

Known Vulnerable Dependency: requests==2.31.0 — 6 advisory(ies): CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi); CVE-2026-25645 (Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility func) +3 more

Medium
Category
Supply Chain
Confidence
92% confidence
Finding
requests==2.31.0

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

Detected: suspicious.potential_exfiltration

Python code base64-encodes a local file and sends it over the network.

Critical
Code
suspicious.potential_exfiltration
Location
scripts/ai_guardian.py:39