Mcp Review

Security checks across malware telemetry and agentic risk

Overview

This is a read-only MCP tool-design review skill with no executable code, persistence, credential access, or data-changing behavior.

Install this if you want Chinese-language MCP tool-design reviews. Use it on a specific project folder or provide exact file paths, because it is designed to read and search local MCP-related code and mock data; avoid pointing it at repositories containing secrets or real personal data unless you are comfortable with that content entering the agent review context.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium (92% confidence)

Finding
The skill activation description uses broad phrases like 'review', '检查' ("check"), and '审查MCP工具定义' ("review MCP tool definitions"), which can cause the skill to trigger in contexts that do not specifically request this specialized review behavior. Over-broad activation increases the chance of unintended invocation, leading to irrelevant file access, confusing task routing, or accidental use of the Agent tool on unrelated user requests.

Natural-Language Policy Violations

Medium (89% confidence)

Finding
The skill content is written to enforce Chinese-language behavior without any indication that this should depend on the user's language preference. This can override user expectations, degrade usability, and cause the agent to respond in an unexpected language, which is especially risky in review or security workflows where precision and comprehension matter.

VirusTotal

66/66 vendors flagged this skill as clean.
