
Security audit

Uplo Architecture

Security checks across malware telemetry and agentic risk

Overview

This skill matches its architecture knowledge-search purpose, but it can access sensitive organizational data and directs conversation logging without clear user consent or retention controls.

Review before installing. Use only with a scoped, revocable UPLO token, confirm your organization permits conversation logging, and avoid full organizational context export unless explicitly needed. Consider pinning or vetting the external MCP server package before trusting it with confidential project data.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence: 93%
Finding
The skill documentation exposes capabilities to retrieve broad organizational context and to log conversations, which go beyond the stated architecture knowledge search and structured extraction purpose. That scope expansion increases the chance of unnecessary access to sensitive enterprise information and creates a path for collecting user/session data not clearly required for the declared function.

Context-Inappropriate Capability

Medium
Confidence: 95%
Finding
The instruction to log the conversation at session end is not clearly tied to the architecture knowledge-management use case, so it may cause unnecessary retention of user prompts, sensitive project details, or other confidential data. Because it is framed as a default workflow step, an agent may perform logging automatically without assessing whether the content is appropriate to store.

Missing User Warnings

Medium
Confidence: 97%
Finding
Session-end logging is instructed without any warning that conversation contents may be retained or disclosed to backend systems, which undermines informed use and may expose sensitive architectural, compliance, or project data. In this skill context, users may reasonably share internal building designs and compliance records, making silent persistence materially risky.

VirusTotal

66/66 vendors rated this skill as clean.
