Find Community Help

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed dry-run helper that prepares redacted outside-help search plans and does not itself browse, persist broadly, or execute web-provided commands.

Install only if you want a host agent to prepare redacted, advisory-only search plans when work is blocked. Review any generated queries before using private connectors or internal sources, and keep stored hints limited to the active conversation as documented.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill advertises `disable-model-invocation: true` and describes itself as a dry-run planner, but it explicitly invokes local Python scripts and those scripts may read/write files and potentially perform network or shell actions. With no declared permissions, the host and reviewers cannot accurately enforce least privilege, increasing the chance that the skill is granted or exercises capabilities beyond what users expect.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal