Model Router

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a small local model-selection helper, with no evidence of hidden data access, credential use, persistence, or unsafe execution.

Before installing, review the models JSON you provide because the router may choose any provider or model listed there. Test the routing rules on representative tasks, especially if automatic routing could affect cost or send sensitive prompts to external providers.
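The pre-install review described above, as an added example that is not code from the Model Router skill or from SkillSpector: it loads a constructed models JSON, checks every listed provider against an allowlist and a cost ceiling, then dry-runs the routing rules on hand-tagged representative tasks so that a rule sending a prompt tagged "sensitive" to an external provider is caught before anything is installed or called. The JSON field names, the rule format, the provider names and the budget figures are all assumptions made for illustration; adapt them to the skill's real format.

```python
"""Pre-install review for a model-routing skill.

Added example; this is not code from the Model Router skill or from
SkillSpector. The models JSON shape (a list of objects with "name",
"provider", "local" and "cost_per_1k"), the rule shape and the task tags
are assumptions made for illustration.
"""
import json

# Constructed sample of the models JSON a user might hand the router.
MODELS_JSON = """
[
  {"name": "local-7b",   "provider": "ollama", "local": true,  "cost_per_1k": 0.0},
  {"name": "fast-cloud", "provider": "acme",   "local": false, "cost_per_1k": 0.002},
  {"name": "big-cloud",  "provider": "acme",   "local": false, "cost_per_1k": 0.06}
]
"""

# Constructed routing rules, first match wins. The first rule is a deliberate
# misconfiguration: it sends prompts tagged "sensitive" to an external model.
RULES = [
    {"match": "sensitive", "model": "fast-cloud"},
    {"match": "long", "model": "big-cloud"},
    {"match": "default", "model": "local-7b"},
]

# Constructed representative tasks; the reviewer tags each one by hand.
TASKS = [
    {"id": "t1", "tags": ["sensitive"], "tokens": 300},
    {"id": "t2", "tags": ["long"], "tokens": 20000},
    {"id": "t3", "tags": [], "tokens": 500},
]

ALLOWED_PROVIDERS = {"ollama", "acme"}  # assumed organisational allowlist
MAX_COST_PER_1K = 0.01                  # assumed budget ceiling per 1k tokens


def load_models(text):
    """Parse the models JSON and reject entries missing required fields."""
    required = {"name", "provider", "local", "cost_per_1k"}
    models = {}
    for entry in json.loads(text):
        missing = required - entry.keys()
        if missing:
            raise ValueError(f"model {entry.get('name')!r} missing {sorted(missing)}")
        models[entry["name"]] = entry
    return models


def review_models(models, allowed=ALLOWED_PROVIDERS, max_cost=MAX_COST_PER_1K):
    """List models the router could pick that violate the allowlist or budget."""
    problems = []
    for name, m in models.items():
        if m["provider"] not in allowed:
            problems.append(f"{name}: provider {m['provider']!r} not on allowlist")
        if not m["local"] and m["cost_per_1k"] > max_cost:
            problems.append(f"{name}: cost {m['cost_per_1k']}/1k tokens exceeds {max_cost}")
    return problems


def route(task, rules):
    """Simulate the router: first rule whose tag matches, else the default rule."""
    for rule in rules:
        if rule["match"] == "default" or rule["match"] in task["tags"]:
            return rule["model"]
    raise LookupError("no rule matched and no default rule")


def dry_run(tasks, models, rules):
    """Route each task without calling any provider. Report sensitive prompts
    that would leave the machine and the external spend the run would incur."""
    leaks = []
    cost = 0.0
    for task in tasks:
        chosen = route(task, rules)
        m = models[chosen]
        if m["local"]:
            continue
        cost += task["tokens"] / 1000 * m["cost_per_1k"]
        if "sensitive" in task["tags"]:
            leaks.append(f"{task['id']}: sensitive prompt routed to external "
                         f"{chosen} ({m['provider']})")
    return {"leaks": leaks, "estimated_cost": cost}


if __name__ == "__main__":
    models = load_models(MODELS_JSON)
    for p in review_models(models):
        print("models.json:", p)
    result = dry_run(TASKS, models, RULES)
    for leak in result["leaks"]:
        print("routing:", leak)
    print(f"estimated external spend: ${result['estimated_cost']:.4f}")
```

Run it once against the real models file and rule set before installing; the dry run never contacts a provider, so it is safe to repeat after every change to the routing rules.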

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 70%
Finding: Without declared permissions, the skill's intent is opaque and cannot be validated.

Vague Triggers

Severity: Low
Confidence: 90%
Finding: The "When to use" section says to trigger the skill whenever you need to programmatically choose which LLM to call for a user request. That condition is broad enough to match many ordinary routing scenarios, and the section gives no explicit boundaries, trigger phrases, or negative examples to clarify when this skill should not be invoked.

VirusTotal

0/66 vendors flagged this skill as malicious; all 66 reported it clean. A clean VirusTotal result only says the packaged files match no vendor's malware detection; it does not cover the permission and trigger issues SkillSpector reports above.
