Journal Deep Intel Extractor

Security checks across malware telemetry and agentic risk

Overview

This skill appears to fetch PubMed article metadata and abstracts as advertised, then save the results locally as JSON.

Before installing, confirm you are comfortable with the skill contacting PubMed and saving article abstracts under ~/Documents/Journal_Intel. Pin and maintain the Python dependencies in your environment if reproducibility or parser/client security matters, and periodically delete archived JSON files if the research topics are sensitive on a shared machine.

SkillSpector

By NVIDIA

Vulnerability Patterns

Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (7)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill declares no permissions, yet its entrypoint and description indicate it performs network access and writes files locally. This creates a transparency and policy-enforcement gap: users or hosting systems may approve the skill without understanding that it can exfiltrate data over the network or persist data on disk.

Missing User Warnings

Low

Confidence: 84% confidence
Finding: The skill documentation mentions local archival to ~/Documents/Journal_Intel/, but does not present it as a clear warning or consent-relevant behavior. Silent or easy-to-miss local writes can expose sensitive research activity, consume disk space, or leave residual data on shared machines.

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests beautifulsoup4 lxml
Confidence: 96% confidence
Finding: requests

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests beautifulsoup4 lxml
Confidence: 93% confidence
Finding: beautifulsoup4

Unpinned Dependencies

Low

Category: Supply Chain
Content: requests beautifulsoup4 lxml
Confidence: 97% confidence
Finding: lxml

Known Vulnerable Dependency: requests — 10 advisory(ies): CVE-2014-1830 (Exposure of Sensitive Information to an Unauthorized Actor in Requests); CVE-2024-47081 (Requests vulnerable to .netrc credentials leak via malicious URLs); CVE-2024-35195 (Requests `Session` object does not verify requests after making first request wi) +7 more

High

Category: Supply Chain
Confidence: 98% confidence
Finding: requests

Known Vulnerable Dependency: lxml — 10 advisory(ies): CVE-2021-43818 (lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through); CVE-2014-3146 (lxml Cross-site Scripting Via Control Characters); CVE-2021-28957 (lxml vulnerable to Cross-Site Scripting ) +7 more

High

Category: Supply Chain
Confidence: 97% confidence
Finding: lxml

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal