Security audit

Log Parser

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local log parser that reads a user-chosen log file and prints analysis without hidden network access or persistence.

Install this only if you want a local command-line log analyzer. Point it only at logs you intend to inspect, and redact sensitive logs when needed because the parsed samples and reports can expose secrets or personal data contained in the file.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill documentation indicates it reads arbitrary log files via a user-supplied `--file` path, but the manifest declares no corresponding permissions or constraints. This creates a capability/permission mismatch that can lead to unintended access to sensitive local files if the runtime trusts the manifest for security decisions or user consent.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal