Ipo Alert

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it says: check public Korean IPO/listing schedules and remember prior alerts locally.

Install only if you are comfortable with periodic requests to 38.co.kr and a small local state file at ~/.config/ipo-alert/state.json. Review any cron or HEARTBEAT schedule so it runs only as often as you intend.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares no explicit permissions, yet its documented behavior clearly includes shell execution (`python3`, `curl`) and persistent file writes to `~/.config/ipo-alert/state.json`. This creates a permission/transparency gap: an agent or user may invoke the skill without understanding that it executes commands and stores data on disk, which can increase risk if the implementation changes or is abused.

Session Persistence

Medium
Category
Rogue Agent
Content
## Post-install setup

1. Create the state file directory: `mkdir -p ~/.config/ipo-alert`
2. Add the check to a cron job or HEARTBEAT.md

## Scripts
Confidence
87% confidence
Finding
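mkdir -p ~/.config/ipo-alert` 2. Add the check to a cron job or HEARTBEAT.md ## Scripts Run using paths relative to the skill directory: ```bash # Skill path variable (adjust to the install location) SKILL_DIR="<workspace>/skills/ipo-alert" # Daily check (alerts on subscription D-1 and the day itself) python3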

VirusTotal

65/65 vendors flagged this skill as clean.
