Back to skill

Security audit

Step Parts

Security checks across malware telemetry and agentic risk

Overview

The skill does what it says: it searches step.parts and can download CAD STEP files, with no evidence of hidden or destructive behavior.

Install if you are comfortable with a skill that contacts step.parts and saves CAD files locally. Prefer a dedicated output directory, avoid using --overwrite unless needed, and be cautious with custom filenames or alternate API origins.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Rogue AgentSelf-Modification, Session Persistence
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill instructs the agent to perform network access to external domains and to download STEP files to local storage, but the skill declares no permissions. That mismatch is a real security issue because it hides the skill's operational capabilities from the permission model and review process, making external data exfiltration, unreviewed downloads, and filesystem writes easier to introduce without explicit consent boundaries.

Self-Modification

High
Category
Rogue Agent
Content
out_dir.mkdir(parents=True, exist_ok=True)
    path = out_dir / filename_for(part, args.filename, allow_requested_filename)
    if path.exists() and not args.overwrite:
        raise SystemExit(f"Refusing to overwrite existing file: {path}")

    data = request(step_url, args.timeout)
    path.write_bytes(data)
Confidence
86% confidence
Finding
overwrite existing file

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.