Security audit

Securitysuite

Security checks across malware telemetry and agentic risk

Overview

This appears to be a local skill-auditing helper that sends user-selected skill files to a localhost server. It has disclosure gaps (it declares no permissions despite exposing HTTP endpoints) but no artifact-backed malicious behavior.

Install only if you are comfortable running a local audit server and sending whole skill files to it. Keep it bound to localhost (verify the address the server actually listens on, not just the URL in the documented commands), avoid submitting files that contain secrets or proprietary material, and confirm whether the service logs request bodies before using batch mode, which sends several files in a single request.
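One way to enforce that advice before running the documented curl commands is a small pre-submission gate. This is an added example, not code from Securitysuite or SkillSpector; it assumes the server is addressed by an http URL of the form used in the commands quoted below, and its credential patterns are a constructed, deliberately short list.

```shell
#!/bin/sh
# Pre-submission gate for a local skill-audit server.
# Added example (not the project's own code); assumes an http URL such as
# http://localhost:8010/v1/audit and that curl and jq are installed.

# Return 0 when the URL's host is a loopback address. Anything else
# (a LAN IP, 0.0.0.0, a hostname) is refused so skill contents never
# leave the machine.
url_is_loopback() {
  url="$1"
  host="${url#*://}"          # strip scheme
  host="${host%%/*}"          # strip path
  if [ "${host#\[}" != "$host" ]; then
    host="${host#\[}"         # bracketed IPv6 literal: keep what is inside
    host="${host%%]*}"
  else
    host="${host%%:*}"        # strip port
  fi
  case "$host" in
    localhost|127.*|::1) return 0 ;;
    *) return 1 ;;
  esac
}

# Return 0 if the file contains something that looks like a credential.
# Constructed patterns: an AWS access key id, a PEM private key header,
# and a generic "key/secret/token/password = <long value>" assignment.
file_has_secrets() {
  grep -Eq -e 'AKIA[0-9A-Z]{16}' \
           -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' "$1" && return 0
  grep -Eiq '(api[_-]?key|secret|token|password)[[:space:]]*[:=][[:space:]]*["'"'"']?[A-Za-z0-9_/+-]{12,}' "$1"
}

# Only submit when both checks pass; the JSON body is built the same way
# the skill's own documentation does it (jq -Rs).
submit_skill() {
  url="$1"; file="$2"
  if ! url_is_loopback "$url"; then
    echo "refusing: $url is not a loopback address" >&2; return 2
  fi
  if file_has_secrets "$file"; then
    echo "refusing: $file appears to contain a credential" >&2; return 3
  fi
  curl -s -X POST "$url" -H "Content-Type: application/json" \
    -d "{\"skill_content\": $(jq -Rs . "$file")}"
}

# Usage: ./gate.sh http://localhost:8010/v1/audit SKILL.md
if [ "$#" -ge 2 ]; then
  submit_skill "$1" "$2"
fi
```

The URL check is a guard against accidentally pointing the documented commands at a remote host; it does not prove the server itself is bound to loopback, which you should confirm on the listening socket.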

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill declares no permissions, yet it clearly exposes and documents network-accessible HTTP endpoints via a FastAPI/uvicorn server. This mismatch weakens transparency and security review because consumers may assume the skill is purely local or inert when it actually performs network operations and accepts data over HTTP.

External Transmission

Medium
Category
Data Exfiltration
Content
### Audit a SKILL.md (full check)

```bash
curl -s -X POST http://localhost:8010/v1/audit \
  -H "Content-Type: application/json" \
  -d "{\"skill_content\": $(cat SKILL.md | jq -Rs)}" | jq
```
Confidence
85% confidence
Finding
Flagged snippet (truncated in the report): `curl -s -X POST http://localhost:8010/v1/audit -H "Content-Type: application/json" -d`

External Transmission

Medium
Category
Data Exfiltration
Content
### Generate a security report with recommendations

```bash
curl -s -X POST http://localhost:8010/v1/report \
  -H "Content-Type: application/json" \
  -d "{\"skill_content\": $(cat SKILL.md | jq -Rs)}" | jq
```
Confidence
85% confidence
Finding
Flagged snippet (truncated in the report): `curl -s -X POST http://localhost:8010/v1/report -H "Content-Type: application/json" -d`

External Transmission

Medium
Category
Data Exfiltration
Content
### Batch audit multiple skills

```bash
curl -s -X POST http://localhost:8010/v1/batch \
  -H "Content-Type: application/json" \
  -d "{\"skills\": [$(cat skill1.md | jq -Rs), $(cat skill2.md | jq -Rs)]}" | jq
```
Confidence
90% confidence
Finding
Flagged snippet (truncated in the report): `curl -s -X POST http://localhost:8010/v1/batch -H "Content-Type: application/json" -d`

VirusTotal

65/65 vendors reported this skill as clean.

Static analysis

No suspicious patterns detected.