echarts

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent ECharts chart-building tool, with the main risk being that generated chart pages load the chart runtime from trusted external or user-specified URLs.

Install if you are comfortable with local scripts reading the data files you choose and writing chart artifacts. For confidential data, use a trusted local or approved ECharts runtime URL, keep generated chart folders private, and avoid opening chart.html files from untrusted sources.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 92% confidence
Finding: The generated HTML dynamically fetches the ECharts runtime from external CDNs at page load, which introduces undisclosed network access and a supply-chain trust dependency into what appears to be a standalone artifact. If a CDN is unavailable, intercepted, or serves a compromised script, the page will execute attacker-controlled JavaScript in the local browser context.

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The page accepts bootstrap.cdnUrl values and turns them directly into script src URLs, allowing arbitrary remote JavaScript sources to be loaded and executed. Because script execution is full-trust in the browser, any attacker who can influence the bootstrap JSON or upstream generation path can achieve code execution in the viewer's browser, making this more dangerous than a fixed-CDN dependency.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal