Mcdonald - 麦当劳助手

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only McDonald's helper that uses a user-provided token to query or claim coupons through a disclosed MCP service, with no hidden code or persistence found.

Install only if you trust the McDonald's MCP service and will keep MCD_TOKEN private. Leave MCD_MCP_URL at the default unless you intentionally verified another HTTPS endpoint, and only allow one-click coupon claiming when you want the agent to modify your account coupons.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 85% confidence
Finding: The trigger phrase set includes very broad everyday expressions like asking for the current time or date, which can cause the skill to activate outside the user's actual intent to use the McDonald's service. That can lead to unnecessary external calls and unintended disclosure of account-scoped data or use of authenticated actions in the wrong context.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill exposes an account-affecting action, auto-bind-coupons, as a one-step operation with no explicit confirmation requirement. Even if coupon claiming seems low risk, it modifies the user's account state and could be triggered accidentally or by ambiguous input, violating safe action-confirmation expectations.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal