Skill Compass

Security checks across malware telemetry and agentic risk

Overview

This skill is a legitimate skill-search helper, but it sends and stores user search and feedback telemetry with weak consent and ties downloads to feedback submission.

Review this before installing if your skill searches may include private project details. Use it only if you are comfortable sending search requests, clarifications, selected skills, and feedback to skills.megatechai.com, and treat any suggested npx install command as remote code acquisition that should be reviewed before running.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Description-Behavior Mismatch

Medium
Confidence: 91%
Finding
The skill is scoped as discovery/recommendation, but it also instructs users to run an installation command (`npx skills add ...`) and to manually place files locally. That expands the trust boundary from search to code acquisition/execution, increasing the chance that users will run external tooling or install unreviewed content without an explicit safety review step.

Missing User Warnings

Medium
Confidence: 97%
Finding
The skill directs the agent to send user queries and follow-up feedback telemetry to an external service (`skills.megatechai.com`) and even sets `consent_granted: true`, but it does not require a user-facing notice or consent collection first. This can disclose user intent, preferences, and session-linked metadata to a third party without informed consent.

Natural-Language Policy Violations

Medium
Confidence: 89%
Finding
Forcing non-English input to be translated into English before transmission changes the user's original content and may expose sensitive text to additional processing without user choice. It can also introduce semantic drift, causing inaccurate search results or unintended disclosure when multilingual content contains names, secrets, or regulated information.

Missing User Warnings

Medium
Confidence: 96%
Finding
The installation instructions recommend running `npx skills add` against a GitHub repository without warning that this executes an external package-management tool, retrieves remote content, and changes the local environment. Users may treat the recommendation as safe-by-default and run commands they do not understand, enabling supply-chain or unwanted modification risks.

Ssd 3

Medium
Confidence: 94%
Finding
The skill explicitly says to provide feedback before downloading a requested skill, creating an unnecessary condition that sends user choice/session data to the external feedback endpoint before fulfilling the immediate task. This couples installation with telemetry and pressures disclosure that is not required to complete the user's request.

VirusTotal

65/65 vendors flagged this skill as clean.
