Daily Business Report

Security checks across malware telemetry and agentic risk

Overview

This reporting skill is mostly purpose-aligned, but it can expose the optional NewsData.io API key in local files and command output.

Install only if you are comfortable with the skill contacting public APIs and including local disk/RAM stats in generated reports. Avoid storing a real NewsData.io key in this version unless terminal output and agent transcripts are private; the config display/update path reveals the key in full.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill advertises and demonstrates capabilities that imply environment access, file read/write, and network access, but it does not declare permissions or warn users about those actions. This is dangerous because operators may invoke it expecting a simple reporting skill while it can reach external services and inspect local system state, creating an authorization and transparency gap.

Tp4

High
Category
MCP Tool Poisoning
Confidence
91% confidence
Finding
The documented behavior does not accurately match the described purpose: it claims calendar aggregation but does not provide it, and it performs additional quote/configuration behavior not clearly disclosed. Behavior mismatches are dangerous because they undermine informed consent, make security review harder, and can hide unexpected data collection or outbound requests behind a benign-sounding description.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill describes collecting external data and reporting local system health without any user-facing privacy notice or access warning. This is risky because users may not realize the skill will make outbound requests and inspect local disk or memory metrics, which can expose operational metadata or leak usage patterns in environments where system details are sensitive.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The NewsData.io API key is stored in plaintext in a JSON config file under the user's home/config directory. If the file is readable by other local users, included in backups, or accidentally committed/shared, the credential can be exposed and abused for unauthorized API usage or quota exhaustion.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
After updating configuration, the command prints the full config JSON to stdout, which includes the stored news API key. This can leak credentials into terminal scrollback, logs, shell history capture tools, CI output, or shared sessions, making accidental disclosure more likely.

VirusTotal

65/65 vendors flagged this skill as clean.
