Daily News

Security checks across malware telemetry and agentic risk

Overview

This skill appears to do what it claims: fetch daily news from a specific third-party API without persistence, credential access, or unrelated data collection.

Install this only if you are comfortable with the skill contacting the 60s API when used. The script is narrow and validated, but users should know it depends on a third-party news service and is primarily oriented toward Chinese daily news output.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 91%
Finding: The skill instructs the agent to execute a shell script, but the skill metadata shown does not declare corresponding permissions. Undeclared shell capability weakens the trust and review model because an agent may perform command execution beyond what policy reviewers or users expect, increasing the risk of unsafe network access or command abuse if the script is modified or invoked with untrusted inputs.

Natural-Language Policy Violations

Medium
Confidence: 82%
Finding: The skill description says it should be used for news in Chinese, which can override normal user preference handling and cause the agent to respond in a language the user did not request. This is primarily a policy and usability issue rather than direct code execution, but it can still lead to misleading or inaccessible outputs if the agent follows the skill rigidly.

VirusTotal

66/66 vendors flagged this skill as clean.
