Fixer

Security checks across malware telemetry and agentic risk

Overview

This appears to be a real Fixer currency-rate skill, but its description incorrectly claims organization and user management, so it needs review before install.

Install only if you intend to use Fixer currency exchange data through Membrane. Confirm the Membrane connection is specifically for Fixer, avoid using the proxy command outside explicit Fixer API tasks, and treat the organization/user-management description as an error until the publisher corrects it.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

High

Confidence: 97% confidence
Finding: The manifest advertises this skill as managing Organizations and Users, but the body clearly documents a Fixer currency/rates integration. This mismatch can cause the agent to invoke the skill in the wrong context, leading to unintended network actions, data access, or user confusion about what external system is being contacted.

Vague Triggers

Medium

Confidence: 88% confidence
Finding: The activation condition 'Use when the user wants to interact with Fixer data' is broad enough that an agent may invoke the skill without sufficient task scoping or confirmation. In a network-enabled skill, over-broad routing increases the chance of unnecessary external calls, incorrect tool selection, and accidental disclosure of user intent to a third-party service.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal