Back to skill

Security audit

Promql Validator

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a straightforward PromQL validator that runs local helper scripts and does not show hidden data access or persistence.

Install if you are comfortable with a skill that runs included local Python scripts to validate query text. Ensure Python 3 is available, and review the scripts first if your environment has strict rules against local code execution.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill instructs the agent to execute shell commands and local Python scripts (`cd "$(git rev-parse --show-toplevel)"` and `python3 .../scripts/*.py`) even though no permissions are declared. This creates an undeclared capability boundary: a caller may believe the skill is documentation-only, while it actually drives command execution and potentially network-reachable tooling via Python, increasing the risk of command execution, environment probing, and unintended side effects if the query or repository contents are adversarial.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.