Security audit

SMILES Profiling

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it profiles one SMILES string using named external chemistry services, but users should treat submitted compounds as non-private.

Install only if you are comfortable sending the SMILES you provide to the listed third-party chemistry services. Do not use confidential, unpublished, proprietary, or regulated compound structures unless your organization allows those external submissions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill explicitly relies on multiple external web services (SwissTargetPrediction, PubChem, ADMETlab 3.0, ChEMBL, and PK-Smart), which implies network access, yet no permissions are declared. This creates a trust and governance gap: an agent or platform may allow outbound requests without transparent user consent, policy review, or sandboxing expectations, and the queried SMILES may represent sensitive proprietary compounds.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The script transmits the user-supplied SMILES string to multiple third-party services (SwissTargetPrediction, PubChem, ADMETlab, ChEMBL, and PK-Smart) without any explicit disclosure, consent flow, or privacy warning at the point of use. Even if a SMILES string is not always personally sensitive, it can represent proprietary compound structures, unpublished research, or confidential drug-discovery inputs, so silent exfiltration to external providers creates a real confidentiality and compliance risk.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The script sends user-provided SMILES strings to multiple third-party services (SwissTargetPrediction and ADMETlab) without any user-facing notice, consent step, or configuration gate. In a chemistry/profiling skill, SMILES may represent proprietary compounds or sensitive research leads, so silent exfiltration to external services creates a real confidentiality and compliance risk.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The PK-Smart path transmits the SMILES over WebSocket to an external Streamlit backend and then retrieves result files over HTTP(S), again with no disclosure or consent mechanism. This is particularly sensitive because the code automates a browser-like interaction, making remote submission less obvious to users while still exposing potentially confidential molecular structures.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.