Join Tool

Security checks across malware telemetry and agentic risk

Overview

The skill is technically low-risk, but its script does not perform the SQL-style field join that it advertises.

Install only if you are comfortable treating this as a simple line-by-line concatenation helper, not a real join tool. Do not rely on it for CSV, security, accounting, or other decisions that require matching records by key unless the implementation or documentation is fixed.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 91% confidence
Finding: The skill metadata and documentation claim SQL-like joining on a common field, but the analyzed behavior reportedly performs positional line concatenation and drops extra lines due to zip-like truncation. This can silently produce incorrect results, causing downstream automation or security decisions to be made on mismatched records while users believe they are getting key-based relational joins.

Description-Behavior Mismatch

Medium

Confidence: 94% confidence
Finding: The implementation does not perform a join on a common field as advertised; it simply reads both files fully into memory and concatenates corresponding lines with zip(). This creates a semantic integrity issue: downstream users may trust the output as relationally joined data and make incorrect decisions, while unmatched or extra records are silently dropped due to zip truncation.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal