Back to skill

Security audit

金十数据

Security checks across malware telemetry and agentic risk

Overview

The skill appears to be a disclosed JIN10 API integration, with a manifest transparency gap but no evidence of hidden, destructive, or unrelated behavior.

Before installing, confirm you are comfortable providing a JIN10 API token and allowing requests to JIN10's MCP endpoint. Prefer a limited-purpose token, revoke it if the skill is no longer used, and expect the publisher to tighten manifest permissions in a future version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Lp3

Medium
Category
MCP Least Privilege
Confidence
87% confidence
Finding
The skill declares and documents Python code that uses both environment variables and outbound network access, but the manifest does not declare corresponding permissions/capabilities. This creates a transparency and policy-enforcement gap: users or the hosting platform may not realize the skill can read secrets from the environment and make external requests, which increases the risk of unintended secret exposure or unauthorized network activity.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.