Back to skill

Security audit

XML Sitemap Generator

Security checks across malware telemetry and agentic risk

Overview

This sitemap tool matches its stated purpose, but users should be aware it silently weakens HTTPS verification when crawling sites.

Install only if you are comfortable with a simple sitemap crawler that can fetch pages from a site, scan a directory you name, and write sitemap or robots files when requested. Review generated files before publishing, avoid using it on sensitive local directories, and do not rely on HTTPS crawl results on untrusted networks unless TLS verification is fixed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises and demonstrates network access plus local file read/write behavior, but declares no permissions or safety boundaries. This can cause users or orchestrators to invoke it without understanding that it may crawl remote sites, read local directories, and write sitemap.xml or robots.txt to disk, increasing the chance of unintended data exposure or filesystem modification.

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The crawler explicitly disables both TLS certificate validation and hostname verification before fetching arbitrary HTTPS URLs. This makes the tool accept attacker-controlled or intercepted HTTPS responses, enabling man-in-the-middle tampering with crawled content and causing the generated sitemap to be based on untrusted data.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger list includes broad phrases such as "robots.txt," "sitemap," and "crawl site," which can cause the skill to activate in contexts where the user did not clearly intend network crawling or file generation. In an automated agent environment, over-broad invocation increases the risk of unnecessary outbound requests, accidental local scanning, or unintended file creation.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill documentation describes output options that save sitemap.xml and optionally robots.txt, but does not prominently warn that these actions write files to disk and may overwrite existing content. This lack of disclosure is risky because users may expect read-only analysis while the skill can modify workspace files, potentially replacing important site configuration files.

Missing User Warnings

Medium
Confidence
99% confidence
Finding
Disabling HTTPS certificate and hostname checks without any user warning undermines the security guarantees users expect from HTTPS connections. In this skill's context, which crawls external sites, that increases risk because a network attacker can spoof target pages, influence discovered links, and poison sitemap output while the user believes the connection is secure.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.