深蓝财经新闻

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a read-only Chinese finance news helper that uses a disclosed public Shenlan News API.

Before installing, consider that finance-news searches and query terms will be sent to shenlannews.com and that the agent may use Bash to run the provided Python helper. This is expected for the skill; users with strict egress requirements should restrict network access to the declared domain.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 91% confidence
Finding: The skill declares only Bash as an allowed tool and does not explicitly declare network permission, yet its documented behavior depends on calling external HTTPS endpoints. This creates a capability/permission mismatch that can bypass policy expectations, weaken review accuracy, and lead operators to underestimate the data egress and remote content exposure introduced by the skill.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal