Paper Report Delivery

Security checks across malware telemetry and agentic risk

Overview

The skill’s paper-report and Telegram delivery workflow is mostly coherent, but it can embed arbitrary local files named in image metadata into HTML that may be sent to Telegram.

Review before installing. Only run this skill on trusted report metadata, inspect generated HTML before sending, and constrain image_path handling to known asset directories and real image MIME types. Use an explicit Telegram target and avoid running it in directories containing sensitive files until that file-embedding behavior is scoped.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding
The skill instructs use of file reads/writes, shell scripts, environment-backed configuration, and repo integration, but declares no permissions. That mismatch can cause agents or reviewers to underestimate the skill's operational reach, leading to execution with broader capabilities than users expect. In a pipeline that touches local artifacts, delivery scripts, and Telegram transport, undeclared capabilities materially increase the chance of unintended file access, secret use, or shell-side effects.

VirusTotal

63/63 vendors flagged this skill as clean.
