Phy Cors Audit

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a security-guidance skill that contains one unsafe CORS example; it shows no hidden or malicious runtime behavior.

Install only if you are comfortable treating its output as advisory. Review any generated CORS code before using it, and ensure preflight handling uses the same explicit origin, method, header, and credentials policy as normal CORS middleware.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Intent-Code Divergence

Medium

Confidence: 95%
Finding
The generated Express example presents itself as secure but then adds `app.options('*', cors())`, which can apply permissive default CORS behavior to all preflight requests independently of the origin validation logic above. That mismatch can cause developers to deploy a configuration where preflight handling is broader than the actual allowlist, undermining the skill’s security guidance.
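As an added illustration of the mismatch described in the finding (not code from the audited skill or from the cors package), the following Express-style middleware answers preflights from the same allowlist decision it applies to normal requests, shown beside a catch-all handler that approximates what a default `cors()` does on a preflight. It assumes a constructed allowlist and mock `req`/`res` objects in Express's shape, so it runs without Express installed.

```javascript
// Constructed allowlist and policy for this example; the real values belong in
// the application's configuration.
const POLICY = {
  origins: new Set(['https://app.example.com']),
  methods: 'GET,POST',
  headers: 'Content-Type,Authorization',
  credentials: true,
};

// Single decision point: returns the response headers for an allowed origin, or null.
function corsHeadersFor(origin, policy) {
  if (!origin || !policy.origins.has(origin)) return null;
  return {
    'Access-Control-Allow-Origin': origin,          // echo the specific origin, never '*'
    'Vary': 'Origin',                               // caches must key on Origin
    'Access-Control-Allow-Methods': policy.methods,
    'Access-Control-Allow-Headers': policy.headers,
    'Access-Control-Allow-Credentials': String(policy.credentials),
  };
}

// Middleware that answers preflights itself with the same decision, so no later
// app.options('*', ...) handler can widen the policy.
function corsMiddleware(policy) {
  return (req, res, next) => {
    const headers = corsHeadersFor(req.headers.origin, policy);
    if (headers) for (const [k, v] of Object.entries(headers)) res.setHeader(k, v);
    if (req.method === 'OPTIONS') return res.status(headers ? 204 : 403).end();
    next();
  };
}

// Approximates the flagged `app.options('*', cors())`: default options, no allowlist check.
function permissivePreflight(req, res) {
  res.setHeader('Access-Control-Allow-Origin', '*');
  res.setHeader('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE');
  return res.status(204).end();
}

// Mock request/response in the Express shape (constructed for this example).
function simulate(handler, method, origin) {
  const req = { method, headers: origin ? { origin } : {} };
  const res = { statusCode: 200, headers: {}, nextCalled: false };
  res.setHeader = (k, v) => { res.headers[k] = v; };
  res.status = (c) => { res.statusCode = c; return res; };
  res.end = () => res;
  handler(req, res, () => { res.nextCalled = true; });
  return res;
}
```

Running `simulate(permissivePreflight, 'OPTIONS', 'https://other.example')` shows the wildcard preflight succeeding for an origin the allowlist rejects, which is exactly the divergence the finding describes.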

VirusTotal

66/66 vendors flagged this skill as clean.
