axiom-json-canonicalizer

Security checks across malware telemetry and agentic risk

Overview

This is an offline JSON tool with no exfiltration behavior, but its security-sensitive RFC 8785/JCS claims do not match the implementation.

Treat this as a custom offline JSON normalizer unless the publisher fixes or narrows the RFC 8785/JCS claims. Do not rely on it for cryptographic signatures, JWT/OAuth payloads, audit logs, or interoperability with other JCS implementations without independent test vectors and agreement that NFC normalization and its number formatting are acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 82%
Finding:
The skill claims RFC 8785/JCS compliance and suitability for signing, hashing, and integrity verification, but the finding indicates behavior that diverges from that standard, especially Unicode NFC normalization and handling beyond strict JSON semantics. In a canonicalization tool used for signatures or hashes, even small semantic mismatches can cause signature verification failures, interoperability bugs, or false trust in tamper-evident workflows.

VirusTotal

65/65 vendors flagged this skill as clean.
