B站视频分析

Security checks across malware telemetry and agentic risk

Overview

This skill appears to be a small Bilibili video-info helper with an expected public API call and no signs of credential use, persistence, or harmful behavior.

Reasonable to install if you are comfortable sending Bilibili BV IDs to Bilibili's public API. Ask the publisher to fix the scripts/fetch.js versus scripts/fecth.js filename mismatch for reliable use.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 93% confidence
Finding: The skill explicitly requires calling an internal script and static analysis indicates that script has network capability, but the skill declares no corresponding permissions or external access behavior. Hidden network access reduces transparency and can enable unexpected data exfiltration or unreviewed outbound requests, even if the immediate use case is only fetching Bilibili metadata.

Tp4

High

Category: MCP Tool Poisoning
Confidence: 89% confidence
Finding: The declared behavior says the skill fetches video information and produces a summary, but analysis indicates the implementation only performs external API access and returns video information without actually summarizing. This mismatch is dangerous because reviewers and users may grant trust based on a narrower stated purpose while the real behavior includes undisclosed external communication and incomplete functionality.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal