Tmp.JNcNGAYkf9

Security checks across malware telemetry and agentic risk

Overview

This Canvas LMS skill is a disclosed, purpose-aligned connector for reading academic information, with sensitive credential handling that users should configure carefully.

Install only if you intend to let an agent access your Canvas account or linked observer/student records. Use a dedicated token or OAuth flow if available, protect Canvas passwords and refresh tokens, avoid committing .env or MCP config files, and confirm file download paths before allowing writes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

Medium
Confidence: 91%
Finding
The trigger description is very broad and covers many generic educational phrases such as grades, assignments, announcements, files, and even requests about any student the user observes. This increases the chance the skill is invoked when a narrower or different skill would be more appropriate, which is especially sensitive here because the skill can access private academic records, inbox messages, and download files tied to a real user account.

VirusTotal

64/64 vendors flagged this skill as clean.
