Football Prediction Optimized

Security checks across malware telemetry and agentic risk

Overview

This football prediction skill behaves consistently with its purpose, using user-supplied match text and a disclosed DeepSeek API key to generate predictions.

Install only if you are comfortable sending match feature text to DeepSeek or the configured DeepSeek-compatible endpoint. Use a dedicated API key, verify DEEPSEEK_BASE_URL before running, avoid private/proprietary notes in input files, and review predictions carefully before using them for betting or other financial decisions.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands

Findings (5)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 92% confidence
Finding: The skill advertises executable behaviors that use environment variables, local file access, and network access, but it does not declare permissions or surface these capabilities clearly in a permission model. This weakens user consent and platform enforcement, making it easier for the skill to read local inputs and send data externally without adequate transparency.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 96% confidence
Finding: The skill’s stated purpose focuses on football prediction, but the implementation also sends user-provided match data to the external DeepSeek API, which is a material behavior not prominently disclosed in the high-level description. Hidden or underemphasized third-party transmission creates privacy, compliance, and trust risks, especially if users assume processing is local or confined to the skill ecosystem.

Vague Triggers

Medium

Confidence: 84% confidence
Finding: The trigger examples are broad enough that the skill may auto-activate for generic requests about match analysis or prediction without clear boundaries. Over-broad activation can cause unintended execution, including accidental file processing or network calls to third-party services when the user did not explicitly request this specific skill.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill documents use of a required API key and an external DeepSeek endpoint but does not provide a user-facing privacy or data-transfer warning. Users may submit match feature text or other contextual data without understanding that it will be sent to a third party, creating avoidable confidentiality and compliance risk.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The skill reads arbitrary match input from a local file and sends the full contents to the external DeepSeek API for processing, but the code provides no user-facing notice, consent step, redaction, or data-classification guardrails before transmission. This creates a real data exfiltration/privacy risk if the input file contains proprietary betting data, personal information, or other sensitive material beyond what the user expected to leave the local environment.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal