Pokeinfo

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Pokémon lookup skill that uses public Pokémon data and writes only a small language setting and temporary voice files.

Before installing, expect outbound requests to public Pokémon data hosts and optional temporary audio files when voice output is used. No API keys or sensitive credentials appear required; integrations should treat the emitted voice_path as a local file path and handle it only for sending the requested Pokémon cry.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 82% confidence
Finding: The skill advertises simple Pokémon lookup but also persists settings locally, downloads media, transforms audio, and emits a local file path payload. That expanded behavior increases the trust boundary: users and hosts may permit a harmless-seeming lookup skill without realizing it writes files and produces path-bearing output, which can create review blind spots and unintended data handling. While not overtly malicious, the mismatch can lead to under-scoped approvals and unsafe integration assumptions.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal