Mensa

Security checks across malware telemetry and agentic risk

Overview

This skill is a small menu lookup tool that only queries OpenMensa and stores a local city/canteen preference.

Install if you are comfortable with your agent running this Python script and sending canteen/date lookups to openmensa.org. It does not need an API key or credentials, and it stores only your city/canteen configuration locally.

Publisher note

Read-only HTTPS GETs to openmensa.org only. No credentials, no user data transmitted. Local config.json (city/canteen choice) stays on the user's machine and is never sent.

SkillSpector

By NVIDIA

Vulnerability Patterns

MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill declares no explicit permissions, but its documented behavior clearly uses shell execution, local file reads/writes, and outbound network access. This creates a transparency and policy-enforcement gap: an agent or user may approve the skill under the assumption it is capability-free, while it can still persist configuration locally and make network requests.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal