Back to skill

Security audit

Podcast Manager

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward podcast tracker that fetches public RSS feeds and stores local podcast progress, with no evidence of hidden credential use or destructive behavior.

Install this only if you are comfortable with the agent contacting public podcast websites or RSS hosts and keeping subscription/listening records under memory/podcasts. Prefer official feed URLs when available, and delete those local files if you want to clear retained podcast history.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill explicitly instructs the agent to use `web_search` and `web_fetch` to discover and retrieve podcast RSS feeds, which is network-capable behavior, yet no permissions are declared. This creates a transparency and policy-enforcement gap: users or hosting systems may not realize the skill can access external URLs, and a malicious or manipulated podcast/feed target could drive unexpected outbound requests or unsafe content ingestion.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.