Phoenix API Generator

Security checks across malware telemetry and agentic risk

Overview

The skill is a normal Phoenix API code generator, but its tenant-security examples can teach generated apps to expose one tenant's data to another.

Install only if you will review and harden the generated authorization code. Before using generated APIs, derive tenant identity from authenticated claims or verified membership, scope every read/update/delete by tenant, and add cross-tenant denial tests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium
Confidence: 96%
Finding
This is a real insecure direct object reference / tenant-isolation flaw in the reference pattern. The router indicates that the APIs are authenticated and tenant-scoped, but the controller's show/update/delete paths fetch records by raw ID without constraining the queries to conn.assigns.tenant_id, so another tenant's records can be read or modified if their IDs are guessed or enumerated. In a code-generation skill, insecure examples are especially dangerous because downstream generated projects may reproduce the flaw across every resource they generate.

VirusTotal

52/52 vendors flagged this skill as clean.
