Klientenportal

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Klientenportal automation skill that handles sensitive accounting credentials and documents in a disclosed, purpose-aligned way.

Install only if you are comfortable giving the skill access to your Klientenportal account and accounting documents. Prefer environment variables or a protected config file, avoid committing config.json, review upload patterns and download destinations carefully, and run logout on shared machines.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Description-Behavior Mismatch

Medium

Confidence: 90% confidence
Finding: The script implements additional capabilities to enumerate and selectively download 'received files' beyond the declared skill scope. Hidden or undeclared data-access functionality increases the attack surface and can violate the principle of least privilege by enabling retrieval of accountant-provided documents that users or reviewers may not expect. In a portal handling financial records, this expands access to potentially sensitive documents and metadata.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal