arxiv-cv-daily

Security checks across malware telemetry and agentic risk

Overview

This skill performs a disclosed arXiv research workflow that saves papers, logs, PDFs, and extracted text locally.

Install only if you are comfortable with a Python workflow that contacts arXiv and writes research artifacts locally. Choose a non-sensitive output directory, expect cached paper metadata, PDFs, extracted text, and logs to remain there, and delete the run directory when finished.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 95% confidence
Finding: The skill instructs the agent to perform filesystem reads/writes, network access, and shell execution, but it does not declare permissions or clearly bound those capabilities. This creates a confused-deputy risk: a user may invoke what appears to be a simple research workflow without realizing it can write arbitrary files under a chosen path, invoke local commands, and fetch remote content, which broadens the attack surface for data exposure or unsafe command execution in the hosting environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal