Lp3
Medium
- Category
- MCP Least Privilege
- Confidence
- 70% confidence
- Finding
- Without declared permissions the skill's intent is opaque and cannot be validated.
Kraken Pro
Security checks across malware telemetry and agentic risk
Overview
This skill is a transparent Kraken account CLI, but it can perform real financial actions if the user gives it powerful Kraken API credentials.
Install only if you intend to let an agent help manage a Kraken account. Use a dedicated least-privilege Kraken API key: start read-only for balances, ledgers, and market data, and add trading or withdrawal permissions only when needed. Review exact asset, pair, amount, price, and withdrawal key before allowing any command with --confirm.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
- MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)
Vague Triggers
Medium
- Confidence
- 94% confidence
- Finding
- The manifest description says to use the skill when the user wants to "interact with Kraken in any way," which is broader than a bounded set of commands or contexts. That phrasing can overlap with many ordinary references to Kraken and does not provide exclusion conditions or trigger constraints.
VirusTotal
64/64 vendors flagged this skill as clean.