Baidu Hot Real

Security checks across malware telemetry and agentic risk

Overview

This skill fetches public Baidu hot-search rankings, and its network and shell use are disclosed and limited to that purpose.

Install only if you are comfortable with a skill that runs local Python/Bash and makes outbound requests to Baidu. It does not appear to handle credentials or private files; review future updates for any expansion beyond the Baidu hot-search fetch workflow.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 96% confidence
Finding: The skill declares executable capabilities via `allowed-tools: web_fetch, Bash`, enabling both network access and shell execution, while the analyzer reports no explicit permission declaration. Even though the stated purpose is legitimate web scraping, this combination expands the attack surface: a skill with shell and network access can fetch untrusted content, invoke arbitrary commands, and potentially access local environment data if the runtime is permissive.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal