Security audit

Scrape Web

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward web-scraping skill with expected network access and optional user-directed file output.

Install this in a virtual environment, use trusted package sources, and run it only against URLs you intend to fetch. Use --out only with output paths you choose deliberately, and do not treat scraped webpage text as trusted instructions.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill documentation and usage clearly indicate network access and file-writing capability (`--out "output.txt"`), but the metadata declares only tools/env requirements and does not declare corresponding permissions. This can mislead reviewers and users about the skill's operational scope, reducing transparency and increasing the chance that a skill with data exfiltration or unintended disk-write behavior is approved or run without appropriate controls.

Missing User Warnings

Low

Confidence: 85% confidence
Finding: The documentation advertises saving scraped content to a file but does not warn that the skill writes untrusted remote data to disk. In context this is expected functionality for a scraping skill, so the danger is limited, but absent disclosure can still surprise users and contribute to unsafe handling of downloaded content or accidental overwrites.

VirusTotal

58/58 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.