区块城市

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed BlockCity data-scraping skill with reliability and documentation gaps, but no evidence of credential access, persistence, destructive behavior, or unrelated data collection.

Install only if you are comfortable with this skill making outbound requests to blockcity.vip and using scraper dependencies including Playwright. Treat city-detail fields such as fund balance, remaining popularity, mayor, and block counts as unverified because the current parser appears incomplete and may return defaults; validate important results before relying on them.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 95% confidence
Finding: The skill's documented behavior does not match the reported implementation: it allegedly uses an undocumented API, exposes extra data-processing capabilities, and returns placeholder/mock values while claiming to fetch real city-detail data. This is dangerous because users and downstream agents may make decisions based on incorrect assumptions about data provenance, authenticity, and completeness, which can enable silent data integrity failures and reduce oversight of undocumented network behavior.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal