Journal SCI/SSCI Checker

Security checks across malware telemetry and agentic risk

Overview

This is a local journal lookup skill with a provenance caveat, not evidence of hidden or malicious behavior.

Safe to install as a convenience lookup, but do not treat it as an authoritative live SCI/SSCI verifier. For consequential research-quality decisions, confirm journal status directly in official Web of Science or JCR sources and treat fuzzy matches or stale local data as uncertain.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tp4

High

Category: MCP Tool Poisoning
Confidence: 96% confidence
Finding: The skill claims authoritative SCI/SSCI verification using WoS/JCR, but the described behavior relies on a local text file and an update script rather than a live or verifiable check. In a literature-evaluation workflow, this can misclassify journals and cause downstream trust decisions based on stale, incomplete, or placeholder data, which is a real integrity risk even if not a classic exploit.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal