PicoClaw Financev

Security checks across malware telemetry and agentic risk

Overview

This skill is a LinkedIn job scraper whose purpose is disclosed: it makes the web requests such a tool is expected to make and can save results locally. The scan found no evidence of hidden credential access or persistence mechanisms.

Install it only if you actually need a LinkedIn job scraper. Keep request volume low, be aware that scraping may violate LinkedIn’s terms of service and trigger IP blocking, and run it in an isolated Python environment (a dedicated virtualenv or container) with pinned dependencies and no access to credentials or files it does not need.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Severity
Medium
Category
MCP Least Privilege
Confidence
89%
Finding
The skill documentation describes behaviour that requires network access and writing output files, but the skill declares no corresponding permissions. This is a transparency and governance gap: users or platforms may approve or run the skill without understanding that it can make external requests and persist scraped data locally. Because this behaviour is expected of a scraper, the gap is not itself evidence of malice, but undeclared capabilities weaken review, consent and sandboxing: a policy engine or reviewer that trusts the declaration alone will not know to restrict outbound hosts or confine writes to an output directory.
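The finding above is the "Underdeclared Capability" pattern: code exercises a capability the manifest never declares. The following is an added example, not the skill's own code nor SkillSpector's implementation, of a static check that infers capabilities from a skill's Python source and diffs them against its declared permissions. The manifest shape (a dict with a "permissions" list), the capability labels "network", "filesystem:read" and "filesystem:write", the module and helper lists, and the sample scraper source are all assumptions constructed for the example.

```python
"""Added example: static check for underdeclared skill capabilities.

Assumptions not taken from the page: the skill ships a manifest dict with a
"permissions" list, and the capability labels below are hypothetical.
"""
import ast

# Hypothetical: modules whose calls imply outbound network access.
NETWORK_MODULES = ("requests", "httpx", "urllib.request", "socket", "http.client")
# Hypothetical: pathlib-style helpers that write to disk.
PATH_WRITERS = ("write_text", "write_bytes")


def _dotted_name(node):
    """Turn a call target such as requests.Session into a dotted string.

    For chains rooted in something other than a plain name (e.g. the
    write_text in Path(out).write_text(...)) only the attribute part is
    returned, which is enough for the PATH_WRITERS heuristic.
    """
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
    return ".".join(reversed(parts)) if parts else None


def _open_mode(call):
    """Return the literal mode string passed to open(); defaults to 'r'."""
    args = call.args[1:2]
    for kw in call.keywords:
        if kw.arg == "mode":
            args = [kw.value]
    if args and isinstance(args[0], ast.Constant) and isinstance(args[0].value, str):
        return args[0].value
    return "r"


def _is_network(full_name):
    return any(full_name == m or full_name.startswith(m + ".") for m in NETWORK_MODULES)


def infer_capabilities(source):
    """Infer the capability set a Python source file exercises."""
    tree = ast.parse(source)
    aliases = {}  # local name -> fully qualified import target
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                root = a.name.split(".")[0]
                aliases[a.asname or root] = a.name if a.asname else root
        elif isinstance(node, ast.ImportFrom) and node.module:
            for a in node.names:
                aliases[a.asname or a.name] = f"{node.module}.{a.name}"
    caps = set()
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node.func)
        if name is None:
            continue
        head, _, rest = name.partition(".")
        full = aliases.get(head, head) + (f".{rest}" if rest else "")
        if _is_network(full):
            caps.add("network")
        elif full == "open":
            writes = set(_open_mode(node)) & set("wax+")
            caps.add("filesystem:write" if writes else "filesystem:read")
        elif name.rsplit(".", 1)[-1] in PATH_WRITERS:
            caps.add("filesystem:write")
    return caps


def underdeclared(manifest, source):
    """Capabilities the code uses but the manifest does not declare, sorted."""
    declared = set(manifest.get("permissions", []))
    return sorted(infer_capabilities(source) - declared)


# Constructed sample: a minimal scraper-like skill with an empty permission list.
SAMPLE_SOURCE = '''
import requests
from pathlib import Path

def scrape(url, out):
    resp = requests.get(url, timeout=10)
    Path(out).write_text(resp.text)
'''
SAMPLE_MANIFEST = {"name": "job-scraper", "permissions": []}

if __name__ == "__main__":
    print("undeclared:", underdeclared(SAMPLE_MANIFEST, SAMPLE_SOURCE))
```

The check is deliberately conservative: it only resolves literal import names and literal open() modes, so dynamic imports or computed modes will be missed and should be treated as a separate "could not analyse" signal rather than as evidence of absence.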

VirusTotal

0/64 vendors flagged this skill; all 64 reported it clean.
