Maverick Mailchimp Mcp

Security checks across malware telemetry and agentic risk

Overview

This is a read-only Mailchimp connector whose behavior is disclosed: it needs a Mailchimp access token but shows no hidden or destructive behavior.

Install it only if you are comfortable giving the local MCP server read access to the connected Mailchimp account, including audiences, members, campaigns, campaign content, and reports. Use a Mailchimp grant with the narrowest scopes available, avoid passing unrelated sensitive content through the tools, and in stricter environments pin the mcporter/uv-managed dependencies rather than resolving them at launch.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 92%
Finding:
The skill explicitly requires environment variables holding a Mailchimp access token and makes outbound API requests through a local MCP wrapper, yet it declares no explicit permissions. This is a governance and transparency gap: operators and reviewers are not clearly warned that the skill reads a credential from the environment and transmits data over the network.
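The check behind this finding, and the dependency-pinning advice in the overview, can be expressed as a small manifest audit. The code below is an added example, not SkillSpector's scanner and not code from the connector. It assumes a hypothetical manifest layout (a dict with `env`, `upstream_hosts`, `permissions` and `dependencies` keys), a name-based heuristic for credential-bearing variables, and a `pkg==x.y.z` pin convention; the two sample manifests are constructed, with placeholder package and variable names, to mirror the undeclared case above and a corrected one.

```python
"""Least-privilege declaration audit for an MCP skill manifest (added example).

Assumed manifest layout (not a real schema):
  env            - environment variables the skill requires
  upstream_hosts - hosts the local MCP server sends requests to
  permissions    - capabilities the skill declares to the operator
  dependencies   - packages resolved by the launcher (uv/mcporter style)
"""
import re
from dataclasses import dataclass

# Heuristic: variable names that usually carry a credential (assumed, not a standard).
SECRET_ENV_RE = re.compile(r"TOKEN|SECRET|API_?KEY|PASSWORD|CREDENTIAL", re.IGNORECASE)
# Assumed pin convention: an exact version such as `pkg==1.4.2`.
PINNED_RE = re.compile(r"^[A-Za-z0-9_.-]+==\d+(\.\d+)*$")


@dataclass(frozen=True)
class Finding:
    category: str
    severity: str
    message: str


def check_manifest(manifest: dict) -> list[Finding]:
    """Flag capabilities the skill uses but does not declare, plus unpinned deps."""
    findings: list[Finding] = []
    declared = set(manifest.get("permissions", []))

    # Wildcard Permission: '*' tells the operator nothing about actual needs.
    if "*" in declared:
        findings.append(Finding("MCP Least Privilege", "High",
                                "wildcard permission '*' declared; list concrete capabilities instead"))

    # Missing Permission Declaration: a credential is read but not declared.
    secret_vars = [v for v in manifest.get("env", []) if SECRET_ENV_RE.search(v)]
    if secret_vars and "credentials" not in declared:
        findings.append(Finding("MCP Least Privilege", "Medium",
                                f"requires credential-bearing env vars {secret_vars} "
                                "but declares no 'credentials' permission"))

    # Underdeclared Capability: outbound requests without a network declaration.
    hosts = manifest.get("upstream_hosts", [])
    if hosts and "network" not in declared:
        findings.append(Finding("MCP Least Privilege", "Medium",
                                f"sends requests to {hosts} but declares no 'network' permission"))

    # Unpinned Dependencies: anything resolved at launch should carry an exact version.
    for dep in manifest.get("dependencies", []):
        if not PINNED_RE.match(dep):
            findings.append(Finding("Supply Chain", "Low",
                                    f"dependency '{dep}' is not pinned to an exact version"))
    return findings


# Constructed sample: the shape of the finding above (placeholder names, not the real package).
UNDECLARED = {
    "name": "example-mailchimp-mcp",
    "env": ["MAILCHIMP_TOKEN", "MAILCHIMP_DC"],
    "upstream_hosts": ["api.mailchimp.com"],
    "permissions": [],
    "dependencies": ["example-mailchimp-mcp"],
}

# Constructed sample: same skill with its capabilities declared and its dependency pinned.
DECLARED = {
    "name": "example-mailchimp-mcp",
    "env": ["MAILCHIMP_TOKEN", "MAILCHIMP_DC"],
    "upstream_hosts": ["api.mailchimp.com"],
    "permissions": ["credentials", "network"],
    "dependencies": ["example-mailchimp-mcp==1.4.2"],
}


if __name__ == "__main__":
    for label, manifest in (("undeclared", UNDECLARED), ("declared", DECLARED)):
        print(f"{label}: {len(check_manifest(manifest))} finding(s)")
        for f in check_manifest(manifest):
            print(f"  [{f.severity}] {f.category}: {f.message}")
```

Run against the first manifest it reports two least-privilege findings (credential read, network use) and one supply-chain finding (unpinned dependency); against the second it reports nothing. The heuristic on variable names is deliberately broad; in a real reviewer pipeline you would pair it with a look at the wrapper code to confirm where the token actually goes.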

VirusTotal

VirusTotal findings are pending for this skill version.
