Mumara

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a legitimate Mumara integration, but it exposes broader administrative API access than its narrow description makes clear.

Install only if you intend to give the agent broad authenticated access to Mumara. Review any requested write, delete, campaign, or raw API action before approving it, and prefer a least-privilege Mumara account where possible.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Description-Behavior Mismatch

Medium
Confidence: 89%
Finding
The manifest says the skill is for managing users and organizations, but the body documents much broader Mumara administration and direct proxy access to arbitrary API endpoints. This scope mismatch can mislead routing and approval decisions, causing the agent or user to invoke a much more powerful skill than expected.

Vague Triggers

Medium
Confidence: 83%
Finding
The invocation description is very broad ('interact with Mumara data'), which may cause the skill to be selected for many generic prompts involving Mumara. Because the skill exposes broad administrative and arbitrary API capabilities, overbroad triggering increases the chance of unintended sensitive actions or data access.

VirusTotal

64/64 vendors flagged this skill as clean.
