Gas Price Alert

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed gas-station lookup and optional alert helper, but users should treat prices and non-Columbus results as approximate.

Install only if you are comfortable sending searched ZIP codes or coordinates to external mapping or gas-price services. Treat displayed prices as estimates unless using a real price source, be cautious with non-Columbus searches, and review any cron alert so it does not keep sending location-based requests after you no longer need it.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (5)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 84% confidence
Finding: The skill documentation instructs users to run scripts that perform network access and write output files, but the skill declares no permissions. This creates a transparency and governance problem: operators and users cannot accurately assess what capabilities the skill uses, and an agent framework may execute it with broader effects than expected.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 92% confidence
Finding: The documented behavior materially overstates what the skill does and omits important implementation details such as browser-based scraping, local file output, hardcoded location assumptions, and the lack of actual alerting/monitoring logic. This mismatch can cause users or orchestrators to trust the skill with workflows it cannot safely or accurately perform, and hidden scraping or persistence behavior increases operational and compliance risk.

Description-Behavior Mismatch

Medium

Confidence: 96% confidence
Finding: The skill description promises gas price finding for any US location, but the implementation is anchored to Columbus-specific defaults and hardcoded Costco locations, while most returned stations have no real price data. This creates a deceptive-output integrity issue: users may rely on incomplete or estimated results as if they were nationwide and current, which can mislead downstream actions or automations.

Intent-Code Divergence

Low

Confidence: 87% confidence
Finding: The code computes station distance using a default downtown Columbus reference rather than the user-supplied search location, despite presenting the search as location-based. This can cause incorrect filtering and ranking of stations, producing inaccurate results that undermine trust and may misdirect users.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill describes scheduled Telegram notifications containing location-derived gas price results without warning users about privacy implications. Repeated delivery of destination-specific or home-area searches can expose sensitive location patterns, especially when sent through third-party messaging services or retained in chat history.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal