Security audit

Garden Planner

Security checks across malware telemetry and agentic risk

Overview

This garden-planning skill does what it advertises: it stores garden records locally and can optionally check weather using Open-Meteo.

Before installing, expect the skill to create or update a local garden.json file with your plant and watering records. Use the weather command only if you are comfortable sending ZIP code or latitude/longitude to Open-Meteo, and choose --data-dir if you want the garden file stored somewhere specific.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 93%
Finding: The skill documents scripts that write persistent data to a user home-directory path and perform outbound network access to a weather service, but the manifest does not declare corresponding permissions. That mismatch undermines informed consent and security review because a user or platform may invoke a skill with capabilities they were not clearly warned about.

Vague Triggers

Medium
Confidence: 81%
Finding: The description includes broad trigger phrases like 'garden', 'plant', and 'what should I plant', which can match ordinary conversation and cause the skill to activate unexpectedly. Over-broad routing increases the chance of unintended execution of file-writing or network-enabled actions in contexts where the user did not specifically intend to use this skill.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.