sai creator ai

Security checks across malware telemetry and agentic risk

Overview

The skill is mostly a disclosed frontend publishing helper, but it needs review for two reasons: it can place content taken from a brief directly into publishable HTML/SVG markup, and the package is missing the carousel templates it advertises.

Install only if you are comfortable reviewing generated HTML/SVG before publication. Use trusted SENKU briefs, add escaping or sanitization before publishing outputs, verify or supply the missing carousel templates from a trusted source, confirm the fixed commercial CTA is acceptable, and avoid running the packager on directories that contain unrelated private files.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category
MCP Tool Poisoning
Confidence
93%
Finding
The skill description promises a constrained frontend-rendering role, but the referenced behavior includes unrelated packaging and validation utilities and omits core promised outputs. This mismatch is dangerous because operators may grant trust or integrate the skill assuming narrow behavior, while the actual capability surface is broader and can enable unexpected file processing or supply-chain style abuse in downstream pipelines.

VirusTotal

63/63 vendors flagged this skill as clean.
