Back to skill

Security audit

NextDNS

Security checks across malware telemetry and agentic risk

Overview

The skill appears purpose-aligned for managing NextDNS, but it handles sensitive DNS API access and should be used deliberately.

Install only if you intend to let the agent use a NextDNS API key. Treat DNS logs as private browsing metadata, scope requests to specific profiles and time ranges, confirm before changing profiles or clearing/deleting logs, and rotate or revoke the API key if you no longer use the skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill explicitly relies on environment variables for authentication and instructs use of a Python helper that makes network calls to the NextDNS API, yet no permissions are declared. That creates a transparency and policy gap: an agent or reviewer may not realize the skill can access secrets and exfiltrate data over the network, which is especially sensitive here because DNS logs and profile data can reveal browsing activity.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.