English Learn Cards

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent local English flashcard tool, with a proportionate but under-explained optional Cambridge Dictionary audio lookup.

Installers should be comfortable running a local Python helper that writes a SQLite vocabulary database under the configured path. Avoid using --fill-audio or --audio-auto for sensitive phrases unless you are comfortable sending those headwords to Cambridge Dictionary for pronunciation lookup.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Medium
Category: MCP Least Privilege
Confidence: 83%
Finding: The skill documentation declares no permissions, yet the referenced helper behavior implies access to environment variables and outbound network use. This is dangerous because users and reviewers may grant trust based on incomplete capability disclosure, while the skill can still reach external services and consume local configuration through env-driven paths.

Tp4

High
Category: MCP Tool Poisoning
Confidence: 92%
Finding: The documented purpose is local flashcard learning with SQLite and SRS, but the implementation appears to make HTTP requests to Cambridge Dictionary and scrape audio URLs from an external service. This mismatch is risky because hidden network behavior can leak user queries, create privacy/compliance issues, and expose the agent environment to unreviewed third-party content and service dependencies.

VirusTotal

64/64 vendors flagged this skill as clean.
