Back to skill

Security audit

GLSL Encyclopedia

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed GLSL documentation helper that fetches official docs and stores workspace-local cache and notes.

Install this if you want a workspace-local GLSL docs and notes workflow. Expect it to fetch official GLSL documentation from docs.vulkan.org and create or update .GLSL-Encyclopedia files in the workspace; do not put secrets, private URLs, tokens, or sensitive access details into those notes.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill instructs the agent to perform network fetches and write cached content and notes to the local filesystem, but no permissions are explicitly declared. That creates an authorization and review gap: operators may believe the skill is documentation-only while it can modify workspace state and pull remote content, increasing risk of unintended writes, data contamination, or misuse through prompt injection into cached material.

Tp4

High
Category
MCP Tool Poisoning
Confidence
88% confidence
Finding
The skill is presented primarily as a GLSL reference and workflow assistant, but its instructions also include creating filesystem structures, fetching remote pages, parsing content, and persisting derived artifacts locally. This mismatch is dangerous because it hides side-effecting behavior behind an apparently informational skill, which can bypass user expectations, complicate trust decisions, and expand the attack surface via remote content ingestion and local persistence.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.