Security audit

Vultr Inference

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Vultr inference helper that sends user-provided prompts to Vultr and can save generated images locally when invoked.

Install only if you intend to use Vultr's hosted inference service. Protect ~/.config/vultr/api_key, avoid sending secrets or regulated data unless Vultr's data handling is acceptable for your use case, and choose output filenames carefully because generated images may be written to local files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93%
Finding
The skill clearly performs network operations against the Vultr Inference API, but no explicit permissions are declared. That creates a transparency and governance gap: users or policy engines may not realize prompts, chat content, and API-backed actions leave the local environment.

Tp4

High
Category
MCP Tool Poisoning
Confidence
82%
Finding
The skill description says it generates images and text, but the examples also list models and download generated images to local files. While not overtly malicious, this broadens behavior beyond the stated summary and can surprise users by writing files locally or performing ancillary network actions.

Missing User Warnings

Medium
Confidence
95%
Finding
The skill instructs users to submit prompts and chat messages to a third-party API but does not warn that user content will leave the local system. This is a privacy risk because users may unknowingly send sensitive prompts, personal data, or proprietary text to an external service.

Missing User Warnings

Medium
Confidence
94%
Finding
The documentation tells users to store and use a cloud API key but does not emphasize that the credential is sensitive or warn against exposing it in shells, logs, scripts, or shared environments. Mishandling this key could allow unauthorized use of the user's Vultr account and paid inference resources.
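The overview and the last two findings both come down to two local hardening steps: keep the API key file readable only by its owner and never put the key on a command line or in the environment, and confine generated-image writes to an output directory under a filename that cannot traverse, overwrite or escape it. The following Python is an added example written for this audit page; it is not the skill's code or Vultr's. The `images/` output directory, the accepted image extensions, and the use of `os.getuid()` for the ownership check are assumptions, and the key file and fixtures in `run_demo()` are constructed in a scratch directory, not real credentials.

```python
"""Added example (not the skill's own code): local hardening checks for an
inference helper that reads an API key from ~/.config/vultr/api_key and writes
generated images to disk. Output directory, accepted extensions and the
os.getuid() ownership check are assumptions, not taken from the skill."""
import os
import stat
import tempfile
from pathlib import Path

KEY_PATH = Path("~/.config/vultr/api_key")           # path named in the audit
IMAGE_SUFFIXES = (".png", ".jpg", ".jpeg", ".webp")  # assumed output formats


def key_file_problems(path: Path) -> list[str]:
    """Report why a key file is unsafe to use. An empty list means: regular
    file, owned by the current user, accessible by the owner only (0600)."""
    p = path.expanduser()
    try:
        st = p.lstat()                       # lstat: do not follow symlinks
    except FileNotFoundError:
        return [f"{p} does not exist"]
    problems = []
    if stat.S_ISLNK(st.st_mode):
        problems.append("key file is a symlink; store the key in a regular file")
    elif not stat.S_ISREG(st.st_mode):
        problems.append("key path is not a regular file")
    mode = stat.S_IMODE(st.st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append(f"mode {mode:04o} lets group/other read the key (want 0600)")
    if hasattr(os, "getuid") and st.st_uid != os.getuid():
        problems.append("key file is not owned by the current user")
    return problems


def load_key(path: Path = KEY_PATH) -> str:
    """Read the key from the file only. Never pass it as a CLI argument or
    export it into the shell: ps, shell history and child processes see those."""
    problems = key_file_problems(path)
    if problems:
        raise PermissionError("; ".join(problems))
    key = path.expanduser().read_text(encoding="utf-8").strip()
    if not key:
        raise ValueError("key file is empty")
    return key


def safe_output_path(name: str, out_dir: Path) -> Path:
    """Map a caller-chosen filename to a path strictly inside out_dir.
    Rejects absolute paths, '..' traversal, subdirectories, symlinks that
    resolve outside out_dir, non-image extensions, and existing files."""
    base = out_dir.resolve()
    target = (base / name).resolve()   # '/etc/x' and '../x' both leave base
    if target.parent != base or not target.name:
        raise ValueError(f"refusing to write outside {base}: {name!r}")
    if target.suffix.lower() not in IMAGE_SUFFIXES:
        raise ValueError(f"unexpected extension: {name!r}")
    if target.exists():
        raise FileExistsError(f"refusing to overwrite {target}")
    return target


def run_demo() -> dict:
    """Exercise both checks on constructed fixtures in a scratch directory
    (no real credentials) and return the outcomes so they can be asserted."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        key = root / "api_key"
        key.write_text("not-a-real-key\n")
        key.chmod(0o644)                     # careless default: world-readable
        before = key_file_problems(key)
        key.chmod(0o600)                     # the fix
        after = key_file_problems(key)
        loaded = load_key(key)

        out = root / "images"
        out.mkdir()
        (out / "taken.png").write_bytes(b"")  # pre-existing file to protect
        accepted, rejected = [], []
        for name in ["cat.png", "../escape.png", "/tmp/abs.png",
                     "sub/nested.png", "taken.png", "note.txt", ""]:
            try:
                accepted.append(safe_output_path(name, out).name)
            except (ValueError, FileExistsError):
                rejected.append(name)
    return {"before": before, "after": after, "key": loaded,
            "accepted": accepted, "rejected": rejected}


if __name__ == "__main__":
    for label, value in run_demo().items():
        print(f"{label}: {value}")
```

`key_file_problems()` uses `lstat` deliberately: a symlink at the key path is rejected rather than followed, so a writable config directory cannot be used to point the helper at another file. `safe_output_path()` resolves the candidate before comparing its parent to the resolved output directory, which is what catches a pre-planted symlink inside `images/` as well as plain `..` traversal.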

VirusTotal

62/62 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.