Daily Ai News

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward AI-news fetcher that calls one disclosed news API and does not show credential access, persistence, or destructive behavior.

Install only if you are comfortable letting the skill make requests to the disclosed 60s.viki.moe news service. Treat returned news as remote content, not trusted instructions, and ensure curl is available because the skill depends on it.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 87% confidence
Finding: The skill instructs the agent to execute a local shell script (`./scripts/news.sh`) but does not declare any permissions for shell/code execution. This creates a capability mismatch: reviewers and policy systems may treat the skill as low-privilege while it actually triggers command execution, which increases the risk of unintended script execution, unsafe argument handling, or abuse if the script or its environment is compromised.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal