
Security audit

Site Summarizer

Security checks across malware telemetry and agentic risk

Overview

This skill is a URL summarizer whose network access and local cache fit its purpose, but users should understand the privacy and caching behavior before using it.

Install only if you are comfortable with the skill making outbound requests to URLs you provide and storing fetched page content in a local cache. Avoid using it for private or sensitive URLs unless you configure or clear the cache and understand that hiding the resolved IP in output does not hide your network identity from the destination server.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises network access, environment-variable use, and file-write behavior, but does not declare permissions or clearly scope those capabilities. This can mislead users and orchestration systems about the skill's real execution surface, especially because it fetches arbitrary URLs and writes cache data to disk.

Context-Inappropriate Capability

Medium
Confidence
93% confidence
Finding
The skill returns the resolved IP address of the target host in its output, which adds network-enumeration capability beyond the core purpose of fetching and summarizing page content. In an agent setting, this can disclose internal or sensitive addressing details for targets the user may not expect to be revealed, and can aid reconnaissance even if some private ranges are blocked.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill description does not clearly warn that fetching a URL makes an outbound network request that can reveal the user's IP or system network identity to the destination. Although there is an option to hide the resolved IP in output, that does not prevent exposure to the remote server, making the omission materially misleading.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill caches fetched content and analysis results to a local file under a configurable directory without any user-facing disclosure or consent. Because cached results include page content, summaries, metadata, and possibly resolved IP information, sensitive fetched data may persist on disk longer than expected and be accessible to other local processes or users depending on filesystem permissions.

VirusTotal

67/67 vendors flagged this skill as clean.
