Back to skill

Security audit

ESPHome Encyclopedia

Security checks across malware telemetry and agentic risk

Overview

This ESPHome helper fetches official docs and saves local project notes/cache in a disclosed, purpose-aligned way.

Reasonable to install for ESPHome documentation and configuration assistance. Keep the generated .ESPHome-Encyclopedia notes inside the intended project, avoid saving Wi-Fi passwords, API keys, dashboard private URLs, or tokens, and review any proposed ESPHome config or OTA-impacting change before applying it to devices.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
70% confidence
Finding
Without declared permissions the skill's intent is opaque and cannot be validated.

Tp4

High
Category
MCP Tool Poisoning
Confidence
98% confidence
Finding
This is a mismatch because the declared purpose presents an ESPHome advisory/configuration assistant for YAML authoring, config review, troubleshooting, component selection, OTA planning, diagnostics, and maintenance workflows, but the actual code does not implement any of those domain-assistance behaviors. Instead, it is a narrow utility for initializing a local workspace and downloading/caching official ESPHome documentation pages from esphome.io. While documentation support could be an internal implementation detail of a documentation-first workflow, the described skill is much broader and centered on answering ESPHome tasks, whereas the code materially differs in primary purpose and includes specific network/file caching behavior not disclosed in the description.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.