Back to skill

Security audit

Qrcode Skill

Security checks across malware telemetry and agentic risk

Overview

This QR-code skill does what it says, but users should know QR text and images are sent to a remote service.

Install only if you are comfortable sending QR text and QR images to the remote MCP service. Avoid using it for secrets, private tickets, internal URLs, or real Wi-Fi credentials unless you trust that service’s data handling.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill explicitly sends user-provided text or QR image contents to a third-party MCP endpoint, but it does not warn users that potentially sensitive data will leave the local environment. This creates a real privacy and data-handling risk because users may provide secrets, credentials, tickets, Wi-Fi configs, or other confidential content in QR form without informed consent.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The API reference explicitly documents a remote MCP endpoint and tools that transmit user-provided text and base64 image data to that external service, but it does not warn that this content leaves the local environment. In a skill that may be used on arbitrary user text and images, this creates a real data exposure risk because users or downstream agents may assume processing is local and send sensitive URLs, tokens, documents, or QR images to a third party without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.