Back to skill

Security audit

Guru MCP

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Guru integration, but it can read broad workplace knowledge and update Guru cards with a user token without strong in-skill safeguards.

Install only if Guru is approved for the data you plan to query and you are comfortable giving the agent access through your Guru API token. Use the least-privileged token available, avoid secrets or regulated personal data in questions, and manually review any draft creation or card update before allowing it to run.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The skill explicitly encourages creating drafts and updating cards but does not place a clear warning or confirmation requirement near those workflows, even though they can modify authoritative organizational knowledge. In an agent setting, this increases the risk of accidental or overbroad content changes, especially if a user assumes the skill is read-only or does not appreciate that updates are live and potentially visible to others.

Missing User Warnings

Low
Confidence
82% confidence
Finding
The skill mentions analytics logging only later in the document and not as a prominent privacy warning near the top-level feature/use description. Users may submit sensitive internal questions or identifiers without realizing their queries are logged in Guru's AI Agent Center, creating avoidable privacy and compliance risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.