NetPad - Build forms, workflows and manage MongoDB data

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed NetPad administration helper, but it should be treated like an admin/data-access tool because it can change, delete, and export NetPad content.

Install only if you want the agent to help administer NetPad. Use a least-privilege or test API key when possible, verify the target NetPad base URL, review the external @netpad/cli package before relying on it, and require explicit confirmation before delete, export, publish/unpublish, marketplace install, or RBAC changes.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Intent-Code Divergence

High

Confidence: 99% confidence
Finding: The add-field implementation assigns inputs to variables named fpath, ftype, and freq, but then constructs the JSON payload using undefined variables path, type, and required. Under set -u this can cause the command to fail unpredictably, and if similarly named environment variables are present, unintended values could be injected into form definitions sent to the remote API.

Missing User Warnings

Medium

Confidence: 88% confidence
Finding: The skill documents destructive delete operations for forms and submissions without warning about irreversibility, confirmation steps, or backup guidance. In an agent context, this increases the risk of accidental or overly broad deletion of production data by users or automated workflows.

Missing User Warnings

Medium

Confidence: 90% confidence
Finding: The skill shows how to list and export submissions, which may contain personal or otherwise sensitive form data, but gives no privacy or data-handling warning. This can lead to unnecessary exposure, broad exports, insecure storage, or sharing of regulated data outside intended access controls.

Missing User Warnings

Low

Confidence: 82% confidence
Finding: The skill instructs users to set an API key and use bearer authentication but does not warn against exposing credentials in shell history, logs, screenshots, or shared environments. While this is common documentation, omitting secret-handling guidance can still contribute to credential leakage and subsequent unauthorized access.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal