mcp-sanctions-check

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward OFAC sanctions-checking MCP tool, with package-name verification caveats.

Before installing, verify which npm package scope you intend to run, because the README and package metadata disagree. Treat names used for sanctions screening as sensitive business or personal data, and be aware that the tool downloads and caches the public OFAC list locally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Context-Inappropriate Capability

Medium
Confidence: 91%
Finding
The skill allows the remote sanctions feed URL to be replaced via the SDN_URL environment variable, which means anyone controlling the runtime environment can redirect requests to an arbitrary HTTPS endpoint. In an MCP skill whose stated purpose is checking OFAC data, this expands behavior into general outbound network access and can enable SSRF-like egress, untrusted data ingestion, and compliance bypass if a fake sanctions list is supplied.

VirusTotal

66/66 vendors flagged this skill as clean.
