mcpjungle

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a coherent MCP management helper, but users should be careful with service-changing commands and data sent to MCP tools.

Install if you intend to manage and invoke MCP servers. Before using disable or deregister commands, confirm the target server and expected impact. Before invoking a tool, verify that the MCP server is trusted and do not pass secrets, credentials, private prompts, or sensitive files unless you explicitly want that data sent to that server.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 92%
Finding:
The skill documents disabling and deregistering management operations without any caution that these actions can remove services or make tools unavailable to downstream clients. In an agent context, this omission increases the chance that an automated system executes service-impacting commands without user confirmation or awareness of operational consequences.

Missing User Warnings

Medium
Confidence: 95%
Finding:
The skill encourages direct tool invocation with arbitrary JSON input but does not warn that the data may be transmitted to remote or external MCP servers. This can cause unintended disclosure of secrets, sensitive prompts, or internal data, especially because the skill is specifically designed to interact with external registry-managed servers and tools.

VirusTotal

65/65 vendors flagged this skill as clean.
