Back to skill

Security audit

Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a legitimate Texas electricity-plan helper, but it relies on external address and plan lookup services that users should understand before use.

Install only if you are comfortable using Personalized Energy/PowerLego services for Texas electricity lookups and sharing a service address for that purpose. Configure the provider API token intentionally, and treat daily or weekly monitoring as a recommendation unless the host separately provides opt-in, alert delivery, retention, and opt-out controls.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to run local scripts and rely on upstream services, which implies network and environment-backed capabilities, yet no permissions are declared. That creates a governance and sandbox-bypass risk because a reviewer or runtime may treat the skill as lower privilege than it actually is, allowing unreviewed data egress or script execution paths.

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The skill's stated purpose and actual behavior diverge: it appears to call external electricity-related services without declared permissions and claims monitoring features that are not actually implemented. This mismatch is dangerous because it misleads reviewers and users about both the data flows and the safety/functional guarantees, increasing the chance of unauthorized external access and unsafe reliance on nonexistent monitoring.

Natural-Language Policy Violations

Medium
Confidence
89% confidence
Finding
The default prompt hard-codes the agent to operate as a single English-speaking advisor, which can improperly restrict communication for users who need another language and may lead to exclusion or misunderstanding in a utility-shopping workflow. In a Texas residential electricity context, this matters because address confirmation, plan selection, and routing are user-impacting tasks where language barriers can cause incorrect choices or inability to access service information.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends residential address details, inferred monthly usage, and returns an ESIID through external API calls without any built-in notice, consent check, or minimization step. In this skill context, that is a real privacy/security issue because Texas electricity shopping workflows involve sensitive household service-location data, and the script is explicitly designed for operational use rather than internal testing only.

Missing User Warnings

Medium
Confidence
87% confidence
Finding
The script sends the user-provided address query to an external lookup component via `address_validator(args.address_query)` without any disclosure, consent flow, or indication of downstream data handling. In this skill's context, residential service addresses are sensitive personal data and can reveal where a user lives or receives utility service, so silent transmission creates a real privacy and compliance risk even if the code is otherwise functional.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.