Back to skill

Security audit

mcp-registry

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent MCP server discovery guide that uses public registry data and generates setup snippets, with ordinary third-party install risks but no hidden or destructive behavior found.

Install is reasonable for MCP discovery, but treat any recommended MCP server as third-party code. Verify the publisher, repository, package name, remote endpoint, requested permissions, and any token scopes before running generated npx/uvx/docker commands or adding config to an MCP client.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Missing User Warnings

Low
Confidence
84% confidence
Finding
This markdown instructs the agent to generate install commands such as `npx`, `uvx`, and `docker run`, and to produce MCP client configuration, which can affect the user's system and local setup. While these actions are central to the skill's purpose, the document does not explicitly warn users to review commands, environment variables, or configuration changes before applying them.

Unrestricted Tool Access

Medium
Category
Excessive Agency
Content
**Does NOT contain:** Tool schemas, tool lists, or runtime behavior. The registry stores *how to install and connect* to a server, not *what tools it exposes*.

**To discover a server's actual tools:** Install it and call `tools/list` via MCP protocol, or read its README/documentation.

## API Reference
Confidence
85% confidence
Finding
tools:*

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.