Mentions Discover

Security checks across malware telemetry and agentic risk

Overview

The skill mostly does what it claims, but it has an undocumented setting that can redirect the paid API key to any configured server.

Install only if you are comfortable giving this skill a MentionsAPI key and making paid calls. Do not set MENTIONSAPI_URL unless you intentionally trust that exact endpoint; the safer expectation is for the skill to restrict credentials to the official MentionsAPI HTTPS host.

SkillSpector

By NVIDIA

Vulnerability Patterns

Taint TrackingDirect Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Tainted flow: 'req' from os.environ.get (line 65, credential/environment) → urllib.request.urlopen (network output)

Critical

Category: Data Flow
Content: "Accept": "application/json", }, ) with urllib.request.urlopen(req, timeout=TIMEOUT_SECONDS) as resp: raw = resp.read().decode("utf-8") return json.loads(raw) if raw else {} except urllib.error.HTTPError as e:
Confidence: 95% confidence
Finding: with urllib.request.urlopen(req, timeout=TIMEOUT_SECONDS) as resp:

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal