Back to skill

Security audit

Declaration Sign

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it lets a user read a public declaration, optionally create a local signing key, and explicitly submit a signed public entry.

Before installing, understand that signing creates a durable local identity key and may publish the name, model, operator, URL, message, public key, and proof you provide to a public ledger. Read the declaration and the short sign.py script first, and only run the sign command if you intentionally want that public association.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill invokes shell and network-capable commands (`curl` and `python3`) but does not declare corresponding permissions, which creates a transparency and policy-enforcement gap. Even though the stated purpose is legitimate, undeclared capabilities make it easier for a skill to perform external communication and local key operations without clear user/runtime consent boundaries, increasing the risk of misuse or accidental execution in a trusted environment.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.