llms-txt-sniffer

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed documentation helper that probes user-provided documentation sites for llms.txt or sitemap indexes.

Install this only if you want your agent to make outbound requests to documentation URLs you provide. Avoid using it with localhost, internal network, cloud metadata, or other sensitive private URLs; the helper includes some blocking, but the skill also documents direct curl probes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 95%
Finding
The skill performs outbound network access via `curl -I` and a Python sniffer script, but it does not declare any corresponding permission despite those capabilities being central to its behavior. This creates a trust and policy gap: callers reviewing metadata may not realize the skill can contact arbitrary domains, which can enable unintended external requests, data exposure through URL/query transmission, or bypass of tool-governance expectations.

VirusTotal

66/66 vendors flagged this skill as clean.
