Back to skill

Security audit

招标文件解析

Security checks across malware telemetry and agentic risk

Overview

This skill locally parses user-provided bidding documents and creates local report files, with no evidence of hidden network access, credential use, persistence, or destructive behavior.

Install if you are comfortable letting the agent process the bidding files you provide and create local TXT, Markdown, and DOCX reports. Use a trusted workspace for confidential procurement documents, review output filenames to avoid accidental overwrite, and install Python dependencies only from trusted sources.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to read source/template files and write generated Markdown/DOCX outputs into the workspace, but it declares no corresponding permissions. Undeclared file access weakens user visibility and policy enforcement, making it easier for the skill to read or overwrite local files without explicit authorization boundaries.

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The skill description promises broad document parsing and structured extraction, but the documented behavior relies on auxiliary scripts and templates that do not clearly implement all claimed capabilities, especially DOCX/TXT parsing and the six-category extraction. This mismatch is dangerous because users may trust the skill with sensitive procurement documents under false assumptions about what it actually does, which can lead to incorrect outputs, hidden processing steps, and unsafe operational reliance.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.