Automatic Number Plate Recognition

Security checks across malware telemetry and agentic risk

Overview

This license-plate recognition skill does what it says: it uploads a user-selected image to TrafficEye and returns plate data, with privacy-sensitive behavior disclosed in the skill text.

Install only if you are comfortable sending the chosen vehicle image to TrafficEye for recognition. Prefer header or bearer authentication, avoid query-string API keys when possible, and use the skill only on images you are authorized to process externally.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 94% confidence
Finding: The skill explicitly requires environment variables, reads a local image path, and sends the file to a remote API, but it does not declare corresponding permissions. That creates a transparency and policy-enforcement gap: users or orchestrators may not realize the skill can access local files, secrets, and the network, increasing the chance of unintended data exposure.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The skill processes a local image file by uploading it to TrafficEye, but the user-facing description does not clearly warn that local image data leaves the system and is sent to a third party. This can lead to uninformed sharing of sensitive images, which is especially relevant because license plate images often contain personal or regulated information.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The CLI reads a local image file and uploads its contents to a third-party API, but the execution flow provides no explicit warning, confirmation, or disclosure to the user at the time of transfer. Because license plate images can contain personal data and surrounding scene information, silent exfiltration to an external service creates a real privacy and compliance risk, especially when invoked by a higher-level agent on the user's behalf.

Missing User Warnings

Medium

Confidence: 83% confidence
Finding: The tool automatically sources API credentials from environment variables and sends them to the external service using header, bearer, form, or query modes without any user-facing disclosure. This is risky because users may not realize credentials are being consumed and transmitted, and the query/form options are especially exposure-prone due to logging, intermediaries, and accidental leakage in traces or shell history.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal