GERMANIC

Security checks across malware telemetry and agentic risk

Overview

This skill is a local JSON/schema validation tool, and the documented file and MCP behaviors fit that purpose.

Install only if you trust the germanic Homebrew tap or cargo package. Treat the offline and no-telemetry statements as publisher claims unless you verify the source/build yourself, and enable germanic serve-mcp only for MCP clients you trust because it exposes the local tool surface over stdio.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Intent-Code Divergence

Medium
Confidence: 92%
Finding
The Trust & Safety section makes an absolute claim that the binary 'reads JSON from stdin or file, writes .grm to disk. Nothing else,' but the same document later exposes an MCP server mode that accepts stdio requests and offers multiple tools. This kind of capability mismatch is dangerous because operators may grant the tool broader trust or weaker oversight based on inaccurate documentation, leading to underestimation of the actual attack surface.

Intent-Code Divergence

Low
Confidence: 78%
Finding
The documented MCP tool list includes `germanic_convert`, but that capability is not explained elsewhere in the skill's purpose or workflows. Undocumented functionality increases uncertainty about what inputs and transformations are supported, which can hide unexpected behavior and make secure review, least-privilege approval, and user consent harder.

VirusTotal

64/64 vendors flagged this skill as clean.
