Mcdonald

Security checks across malware telemetry and agentic risk

Overview

This McDonald's helper is a documented API-calling skill, but users should approve coupon-claiming actions and keep the token private.

Install only if you intend to use the mcp.mcd.cn service. Store MCD_TOKEN as a private secret, verify the endpoint before sending it, and tell the agent to ask before any action that claims coupons or changes your account.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill defines an 'auto-bind-coupons' action that changes the user's account state by claiming coupons, but it does not require an explicit confirmation step before execution. This can lead to unintended account actions from ambiguous prompts or misfires, especially because coupon claiming is not a read-only operation.

Missing User Warnings

Low

Confidence: 86% confidence
Finding: The documentation instructs the agent to send a bearer token to a remote MCP endpoint, but the call pattern does not prominently warn that authentication credentials and request data are being transmitted to an external service. In agent environments, insufficient disclosure around outbound authenticated requests increases the risk of users or operators unknowingly exposing sensitive tokens to third-party infrastructure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal