OpenAI Deep Research Skill

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed OpenAI deep-research helper that runs on user command, calls the OpenAI API as expected, and saves local research artifacts.

Use a scoped OpenAI API key, avoid untrusted custom OPENAI_BASE_URL gateways, and do not submit confidential topics unless they may be sent to the configured provider. Review the saved raw outputs because they may contain the full research prompts, evidence, and model responses.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill instructs users to set and use environment variables such as OPENAI_API_KEY and to run a script that writes multiple artifacts to disk, but the skill metadata does not declare corresponding permissions. This creates a transparency and governance gap: an agent or operator may approve and execute the skill without realizing it accesses secrets from the environment and performs filesystem writes, which can lead to unintended secret exposure or uncontrolled data persistence.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal