Back to skill

Security audit

AI news generator

Security checks across malware telemetry and agentic risk

Overview

This skill is a simple Discord news-digest poster, with some wording and trigger-scope issues but no evidence of hidden data theft, destructive behavior, or deception.

Install only if you want an agent to gather or accept news story data and post it to a Discord channel. Use a dedicated Discord webhook, keep the webhook URL private, preview the digest before posting to important channels, and separately verify any scheduling setup because no scheduler is included in the artifact.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill instructs the agent to read local files/scripts and send data over the network to a Discord webhook, but it does not declare those permissions. That creates a transparency and policy-enforcement gap: users and platforms cannot accurately assess or constrain what the skill can access and where it can transmit data.

Tp4

High
Category
MCP Tool Poisoning
Confidence
90% confidence
Finding
The skill advertises automated news retrieval and recurring scheduled delivery, but the provided instructions only format content and post it to Discord using supplied inputs. This mismatch can mislead users and orchestrators about what the skill actually does, increasing the risk of unintended invocation, hidden dependencies, or unsafe assumptions about external data fetching and automation.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases are extremely broad, including generic requests like 'daily briefing' or 'news bot,' which can cause the skill to activate in contexts the user did not intend. Because this skill sends content to an external webhook, accidental invocation can lead to unintended disclosure or spam in Discord channels.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill description does not clearly warn that gathered or user-provided content will be transmitted to an external Discord webhook. In a skill with network egress, lack of disclosure materially increases the risk of users unknowingly sending sensitive data or internal content outside the system boundary.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.