MerkleMap OSINT

Security checks across malware telemetry and agentic risk

Overview

This is a coherent MerkleMap OSINT skill that uses a declared API key and creates local reports only as part of its advertised reporting features.

Install this only if you intend to use MerkleMap for OSINT and certificate-transparency lookups. Treat MERKLEMAP_API_KEY as a secret, run scans only for domains you are authorized or comfortable investigating, and remember that generated HTML/JSON reports may leave sensitive reconnaissance results on disk.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
Findings (4)

Description-Behavior Mismatch

Medium
Confidence: 92%
Finding
The skill extends beyond its declared OSINT/API scope by instructing the agent to read prior local report files and write new reports to disk. That creates an unexpected local file access surface, which can expose nearby files, leak prior scan data, or overwrite existing artifacts if the user did not explicitly request filesystem interaction.

Context-Inappropriate Capability

Low
Confidence: 88%
Finding
Automatically searching the current directory for prior report files introduces implicit local file reads unrelated to the core API lookup function. Even if intended for convenience, this broadens access to local artifacts and may reveal sensitive filenames or contents through comparison logic.

Vague Triggers

Medium
Confidence: 90%
Finding
The trigger phrases for report generation are broad enough that ordinary user requests like 'export the results' or 'create a report' can cause automatic file creation. This can lead to unexpected side effects, disk writes, or accidental persistence of sensitive reconnaissance data without clear confirmation.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill directs the agent to write HTML/JSON files to disk without warning about persistence, location, or overwrite risk. Saving reconnaissance output locally can create sensitive artifacts and may overwrite user files if naming collides or custom paths are mishandled.

VirusTotal

64/64 vendors flagged this skill as clean.
