PracticePanther API MCP
Security checks across malware telemetry and agentic risk
Overview
This is a small instruction-only skill for a read-only PracticePanther MCP connector; the main risk is that it can expose sensitive legal-practice data through the external MCP binary and credentials you configure.
Install only if you intend to let an agent read PracticePanther data. Before use, verify the external practicepanther-mcp npm package and maintainer, confirm exactly how PracticePanther credentials are provided and stored, use the least-privileged read-only credential available, and inspect the listed MCP tools before calling them.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.