Security audit

Java Maven Common

Security checks across malware telemetry and agentic risk

Overview

This Maven project intake helper is mostly coherent, but its script can delete or write local files if given unsafe paths or archives.

Install only if you are comfortable letting the agent clone repositories and unpack project ZIPs into local temporary directories. Use disposable temp work paths, avoid credential-bearing URLs, and do not point --work or --json at important directories until path guards and safer archive handling are added.
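The path guards and safer archive handling the overview asks for, written out as an added Python example that is not the skill's own script: guard_work_dir, safe_extract, build_zip and intake are hypothetical names, and the two archives are constructed in memory for the demonstration rather than taken from any project.

```python
import io
import tempfile
import zipfile
from pathlib import Path

def guard_work_dir(work: str, allowed_root: str = "") -> Path:
    # Accept --work only if it resolves inside a disposable temp root (default: the system temp dir).
    root = Path(allowed_root or tempfile.gettempdir()).resolve()
    target = Path(work).resolve()
    if target != root and root not in target.parents:
        raise ValueError(f"work dir {target} is outside {root}")
    return target

def safe_extract(zip_bytes: bytes, dest: Path) -> list:
    # Extract only entries that resolve inside dest; refuse absolute paths, '..' parts and symlinks.
    dest = dest.resolve()
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if (info.external_attr >> 16) & 0o170000 == 0o120000:  # S_IFLNK in the unix mode bits
                raise ValueError(f"symlink entry rejected: {info.filename}")
            if info.filename.startswith(("/", "\\")) or ".." in Path(info.filename).parts:
                raise ValueError(f"path traversal rejected: {info.filename}")
            out = (dest / info.filename).resolve()
            if out != dest and dest not in out.parents:  # re-check after resolving the joined path
                raise ValueError(f"entry escapes {dest}: {info.filename}")
            if info.is_dir():
                out.mkdir(parents=True, exist_ok=True)
                continue
            out.parent.mkdir(parents=True, exist_ok=True)
            out.write_bytes(zf.read(info))
            written.append(info.filename)
    return written

def build_zip(entries: dict) -> bytes:
    buf = io.BytesIO()  # constructed in-memory archives for the demo, not taken from the audited skill
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
    return buf.getvalue()

SAFE_ZIP = build_zip({"pom.xml": b"<project/>", "src/main/java/App.java": b"class App {}"})
SLIP_ZIP = build_zip({"../../outside.txt": b"x"})  # the classic zip-slip entry shape

def intake(zip_bytes: bytes) -> tuple:
    # Whole intake path: guard the --work dir, then extract; returns (written entries, rejection reason).
    with tempfile.TemporaryDirectory() as tmp:
        try:
            return safe_extract(zip_bytes, guard_work_dir(tmp)), ""
        except ValueError as exc:
            return [], str(exc)
```

The benign archive lands entirely inside the guarded temp directory, while the traversal entry is refused before anything is written.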

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 89%
Finding: The skill instructs the agent to unpack archives, clone repositories, write into temp directories, and use a bundled script, which implies shell execution and filesystem writes without declaring explicit permissions. That mismatch is risky because downstream systems or reviewers may assume the skill is less privileged than it actually is, reducing oversight around operations that handle untrusted ZIP files and repository content.

VirusTotal

67/67 vendors flagged this skill as clean.