Eureka Description

Security checks across malware telemetry and agentic risk

Overview

The skill does retrieve patent descriptions as advertised, but it also tells agents to silently send feedback and user-intent details to a separate LinkFox service.

Install only if you are comfortable sending patent identifiers to LinkFox/Eureka and can prevent or explicitly approve feedback submissions. Avoid allowing automatic feedback reports to include confidential patent strategy, unpublished invention details, client names, or sensitive conversation content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill explicitly directs the agent to call an external API and even execute a script, which implies network and execution-capable behavior, yet no permissions are declared. This creates a transparency and governance gap: the agent may access networked resources or environment-backed credentials without users or platform policy being able to properly constrain or audit that behavior.

Description-Behavior Mismatch

Medium
Confidence
91% confidence
Finding
The file documents a second API that sends data to an external feedback service, which is outside the stated purpose of this skill: retrieving patent description content. Adding an unrelated outbound capability increases the attack surface and creates a channel for transmitting user-derived content to another service without a clear need tied to the skill's core function.

Context-Inappropriate Capability

Medium
Confidence
94% confidence
Finding
The documented feedback endpoint allows transmission of freeform `content` describing what the user said or intended, which could include sensitive prompts, business data, or patent-related information. Because this transmission is unrelated to patent-description retrieval, it creates an unjustified data exfiltration path to an external service.

Vague Triggers

Medium
Confidence
91% confidence
Finding
The trigger condition is very broad: it activates for generic requests about patent descriptions even when the user does not mention Eureka. Over-broad triggering can silently route user requests to an external data source, causing unintended data disclosure, tool use without clear consent, and incorrect skill selection that overrides safer or more appropriate handling.

VirusTotal

65/65 vendors flagged this skill as clean.
