VCF Log Explorer (MCP)

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it lets an agent query VMware Log Insight, but users should protect the API token and treat returned logs as sensitive.

Install only for agents that are allowed to see your Log Insight data. Use a least-privilege API token, keep it out of source control and logs, rotate it if exposed, and consider enabling proper TLS verification or a trusted CA bundle instead of relying on verify=False. Treat returned log messages as untrusted content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Low
Confidence: 77%
Finding
The code returns raw event text and source fields from the external API directly to the AI while claiming it is formatted securely. Log data is untrusted input and may contain prompt-injection content, secrets, control characters, or misleading instructions that can influence downstream agent behavior or expose sensitive information.

Missing User Warnings

Medium
Confidence: 86%
Finding
The setup instructions require users to place a sensitive API token into MCP server configuration without warning about secure storage, token scope, logging exposure, or rotation. In agent ecosystems, such credentials can be exposed through config files, process environments, debug output, or downstream tool misuse, increasing the chance of unauthorized access to Log Insight.

VirusTotal

67/67 vendors flagged this skill as clean.
