BasicOps MCP Setup
Security checks across malware telemetry and agentic risk
Overview
This skill appears coherent and safe for its stated purpose of setting up a BasicOps MCP connection, while clearly disclosing the need for an API key and local MCP configuration changes.
Before installing, be aware that the skill helps an agent modify MCP configuration and handle a BasicOps API key. Use a scoped or revocable API key when possible, prefer secret storage or environment variables, and avoid pasting live tokens into chat unless necessary.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
- Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
- Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
- Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
