skill-usefulness-audit

Security checks across malware telemetry and agentic risk

Overview

This is a local skill-auditing tool that reads installed-skill folders and optional evidence files to produce reports, with no evidence of hidden network access, credential theft, or automatic deletion.

Install this only if you want a local audit of installed agent skills. Prefer passing explicit skill roots and sanitized evidence files, especially for history exports, and treat any delete or quarantine recommendation as a manual review prompt rather than an instruction to remove skills automatically.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 90% confidence
Finding: The skill advertises `disable-model-invocation: true` but its instructions clearly direct execution of a local Python script that reads and writes multiple files, may inspect usage/history data, and can process optional community inputs. The metadata declares required binaries but does not declare explicit permissions for file, shell, environment, or possible network access, creating a transparency and least-privilege gap that can lead hosts to under-enforce or misjudge the skill's capabilities.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal