Website Flow Monitor

Security checks across malware telemetry and agentic risk

Overview

This skill transparently monitors user-approved website flows and does not show hidden data theft or destructive behavior.

Before installing, be comfortable with the agent fetching the website URL you provide and proposing links it discovers, including third-party links. Review the exact URL list and frequency before confirming any cron job, and avoid pointing it at private or sensitive internal services unless you intentionally want them monitored.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill explicitly performs network-capable actions by scanning a user-provided website, discovering links, and proposing recurring health checks, yet no permissions are declared. This creates a mismatch between actual capability and declared security posture, reducing transparency and making it easier for network access to occur without appropriate review or policy gating. In this context the network use is core to the skill’s function, so the issue is not hidden malicious behavior, but it is still a real security weakness because the skill can reach arbitrary user-supplied URLs and later automate repeated checks.

VirusTotal

65/65 vendors flagged this skill as clean.
