Back to skill

Security audit

Housing Price Data

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public Chinese housing price index data and optionally writes user-requested chart or report files; I found no hidden, deceptive, credential-seeking, or destructive behavior.

Install only if you are comfortable letting the agent fetch public data from stats.gov.cn. When generating charts or validation reports, use a deliberate output path in your workspace because the scripts can create directories and overwrite files at the chosen path.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation instructs the agent to run a Python script that performs outbound network access to stats.gov.cn and can write chart files, but the skill declares no corresponding permissions. This creates a capability/permission mismatch that can bypass least-privilege controls, making the skill harder to sandbox and audit even though the stated purpose is legitimate data retrieval.

Context-Inappropriate Capability

Medium
Confidence
73% confidence
Finding
When --chart is used, the script writes to a user-controlled path and creates parent directories without any path restrictions. In an agent or automated execution environment, this can enable unintended filesystem modification, overwriting files the process can access, or dropping artifacts outside the skill workspace if an attacker can influence the output path.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.