MCP Tool Utils

Security checks across malware telemetry and agentic risk

Overview

This is a small, text-only MCP setup helper; its main risks are ordinary configuration changes and API-key handling for remote tool servers.

Before installing or using it, check which MCP servers will be added, back up or review config changes, avoid putting API keys in committed files or shell history, and assume queries sent through remote MCP servers may be visible to those providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation explicitly recommends commands such as `sync --to openclaw` and server-add operations that alter local MCP/OpenClaw configuration, but it does not warn users that these actions write to or modify config state. In a tool-management skill, this can lead to unintended persistent changes, broken tool routing, or trust of newly added remote MCP endpoints without adequate user awareness.

Missing User Warnings

Medium
Confidence: 96%
Finding
The examples show API credentials passed in URLs and CLI arguments, such as `tavilyApiKey=...` and `--api-key $TAVILY_KEY`, without warning about secret exposure. Secrets embedded in config files, command histories, logs, process listings, or shared screenshots can be leaked and then abused to access third-party MCP services.

VirusTotal

64/64 vendors flagged this skill as clean.