Back to skill

Security audit

原仓IP分析

Security checks across malware telemetry and agentic risk

Overview

The skill has a coherent IP sales-analysis purpose, but it asks users to put a paid bearer token into a persistent config and send it to a raw HTTP endpoint without adequate security guidance.

Install only if you trust this provider and accept the credential risk. Prefer an HTTPS endpoint on a verified domain, use a dedicated revocable token with limited balance or scope if available, monitor paid usage, and rotate or revoke the token after testing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Context-Inappropriate Capability

Medium
Confidence
98% confidence
Finding
The skill tells users to place a bearer token into an MCP configuration that sends requests over plain HTTP to a raw IP address. This exposes the token and any queried data to interception or tampering in transit, and the raw IP endpoint provides little identity assurance compared with a validated HTTPS domain.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The README instructs users to send a bearer token to a third-party HTTP endpoint over plaintext HTTP, without any warning about credential interception, token leakage, or data exposure. Because the service handles authenticated requests and is monetized per query, using HTTP instead of HTTPS materially increases the risk of credential theft and unauthorized usage.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly asks the user for an API token and instructs them to write it into local configuration, but it provides no guidance on safe handling, least privilege, rotation, or where the secret will be stored. This increases the chance of credential leakage through chat logs, screenshots, shared configs, backups, or overbroad token use.

Missing User Warnings

High
Confidence
99% confidence
Finding
The configuration instructions direct users to connect to a remote MCP service over unencrypted HTTP and attach an Authorization bearer token. This creates a straightforward path for network eavesdropping, token theft, response manipulation, and service impersonation, especially because the endpoint is only identified by IP rather than authenticated HTTPS identity.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.