SEO Audit Pro

Security checks across malware telemetry and agentic risk

Overview

This is a user-directed SEO audit tool with disclosed web fetching and optional Anthropic article generation, though its documentation overstates some capabilities.

Install only if you are comfortable with the tool fetching URLs you provide and installing common Python packages. Use the Anthropic-backed article feature only for topics you are willing to send to an external AI provider, and treat the advertised crawl depth and check count as overstated until the publisher updates the documentation.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 76% confidence
Finding: The skill description materially overstates and misstates behavior, including claiming a broad crawl and 50+ checks while apparently only fetching a single page and performing fewer checks, plus using an external AI service without clear permission/behavior disclosure. Misrepresentation is dangerous because users and agent frameworks may grant trust, data access, or automation privileges based on inaccurate expectations, leading to privacy, cost, and compliance surprises.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal