semantic-scholar

Security checks across malware telemetry and agentic risk

Overview

This appears to be a normal research helper that queries Semantic Scholar and can save local research exports, with some transparency notes but no evidence of hidden or harmful behavior.

Install if you are comfortable sending research queries and identifiers to Semantic Scholar and storing retrieved metadata locally. Keep the API key private, choose output paths deliberately, and delete exports that contain sensitive research topics when no longer needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding:
The skill clearly directs use of scripts that perform network access, read environment variables for API keys, and read/write local files, yet the skill declares no permissions. This creates a transparency and governance gap: an agent or user may invoke capabilities with broader side effects than expected, including writing harvested data locally and transmitting queries or identifiers over the network.

Missing User Warnings

Low
Confidence: 83%
Finding:
The skill instructs users to preserve raw results and export data, including saving output to JSONL and optionally CSV, but does not clearly warn that local files will be created. While this is not inherently malicious, undisclosed file writes can surprise users, create data retention/privacy issues, and leave sensitive research queries or retrieved metadata on disk.

VirusTotal

64/64 vendors flagged this skill as clean.
