Lemma

Security checks across malware telemetry and agentic risk

Overview

This skill can help build and manage Lemma platform resources, but its powerful actions are disclosed, purpose-aligned, and guided by approval and verification steps.

Install this only if you want the agent to build or manage Lemma pods and desk projects. Use test pods when possible, protect Lemma tokens and connected accounts, review CLI payloads before production changes, and double-check scheduled or event-triggered workflows before leaving them active.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 91% confidence
Finding: The parent skill claims it is only a single entrypoint that routes users to module guides, but the analyzed behavior indicates it can scaffold projects, install dependencies, write files, build artifacts, and emit auth-testing instructions. This mismatch is dangerous because operators may grant trust based on a benign description while the skill performs materially more powerful actions, increasing the chance of unexpected code execution, file modification, dependency installation, and credential mishandling in downstream use.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal