Assimilate MCP
Security checks across malware telemetry and agentic risk
Overview
This skill is a disclosed bridge for letting an AI assistant control Assimilate Live FX/SCRATCH through its local REST API, with powerful but purpose-matched media and rendering controls.
Install this only if you trust the assimilate-mcp npm package and want an assistant to operate Assimilate Live FX/SCRATCH. Keep the HTTP server on localhost when possible, protect any authorization key, use SSH tunnels only to trusted hosts, and require confirmation before importing files, changing project state, modifying grades, creating outputs, or starting renders.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.