Sendsms

Security checks across malware telemetry and agentic risk

Overview

This SMS/API integration is mostly transparent, but it gives the agent broad authenticated API access beyond the safer listed actions.

Install only if you are comfortable letting the agent use an authenticated SMS/provider connection. For mutating actions such as sending messages, changing contacts, or deleting data, require the agent to show the exact endpoint, method, recipients, and payload before it runs the command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Description-Behavior Mismatch

Medium
Confidence: 87%
Finding
The skill advertises a scoped SendSMS integration but also documents a generic proxy mechanism that can issue arbitrary API requests through the established connection. This expands capability beyond the declared high-level actions and can let an agent access undocumented or higher-risk endpoints, increasing the chance of unintended data access or unsafe message operations.

VirusTotal

65/65 vendors flagged this skill as clean.
