Back to skill

Security audit

API Test Automation

Security checks across malware telemetry and agentic risk

Overview

This is a coherent API test-generation skill whose main risk is that running generated tests can send real requests to user-provided APIs.

Install only if you intend to generate API tests. Before running any generated suite, review the base URL, credentials, pre-request scripts, and any create/update/delete cases; prefer non-production environments and test tokens, and confirm you are authorized to send requests to the target API.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill instructs the agent to read reference files and invoke local scripts that create workspaces and reports, which are file read/write capabilities, yet no permissions are declared. That mismatch weakens governance and user awareness because the agent may modify local files or consume local references without an explicit permission boundary.

Vague Triggers

Medium
Confidence
74% confidence
Finding
The invocation language is broad enough to trigger on generic API-related prompts, including cases where the user did not intend test generation or execution. In this skill's context, over-triggering is more dangerous because the workflow explicitly moves toward generating scripts and potentially executing tests against user-provided environments, which can cause unintended network activity or file changes.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill encourages executing generated API tests in user-provided environments but does not include a prominent warning or consent gate about the risks of live execution. In practice this can lead to unauthorized or destructive calls against production or third-party systems, credential misuse, rate-limit violations, or state-changing operations being run without adequate review.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The default prompt is a broad auto-invocation instruction that bundles document analysis, script generation, test execution, and report production without clear gating conditions or safety boundaries. In an agent setting, this can cause the skill to be invoked in contexts where untrusted API documentation or user input drives code/script generation and execution, increasing the risk of prompt injection, unsafe actions, or unintended execution against user environments.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.