Security audit

UAPI 查询 MC 玩家接口

Security checks across malware telemetry and agentic risk

Overview

This is a simple Minecraft player lookup skill, with some overbroad routing keywords but no hidden or dangerous behavior found.

Install this only for Minecraft player profile/userinfo lookup by username. Use a separate tool for server status or name history, and avoid sharing unrelated personal data or any UAPI key unless the service specifically requires it for quota limits.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (6)

Description-Behavior Mismatch

Medium

Confidence: 95% confidence
Finding: The keyword list expands the skill's advertised scope beyond the single documented endpoint for Minecraft user info by including unrelated tasks such as server status and name history. This can cause an agent to route requests to the wrong skill, producing incorrect API calls, misleading results, or accidental data handling outside the intended operation.

Vague Triggers

Medium

Confidence: 97% confidence
Finding: The listed trigger phrases include "minecraft server status" and "minecraft name history," but the skill claims to wrap only GET /game/minecraft/userinfo, which is a player-info endpoint. This mismatch can systematically route distinct user intents to the wrong capability, producing incorrect results and potentially sending player or server identifiers to an unrelated endpoint, which is especially risky in autonomous agent workflows that trust skill metadata for tool selection.

Vague Triggers

High

Confidence: 97% confidence
Finding: The listed trigger phrases include "minecraft server status" and "minecraft name history," but the skill claims to wrap only GET /game/minecraft/userinfo, which is a player-info endpoint. This mismatch can systematically route distinct user intents to the wrong capability, producing incorrect results and potentially sending player or server identifiers to an unrelated endpoint, which is especially risky in autonomous agent workflows that trust skill metadata for tool selection.

Vague Triggers

Medium

Confidence: 93% confidence
Finding: The skill enables implicit invocation with no trigger constraints, exclusions, or scoped conditions, which can cause the agent to call the Minecraft userinfo endpoint in response to loosely related prompts. That increases the chance of unintended external requests, unnecessary data disclosure about queried usernames, and user-confusing behavior because the tool may activate without clear user intent.

Missing User Warnings

Low

Confidence: 92% confidence
Finding: The documentation does not warn that looking up a Minecraft username causes that identifier to be transmitted to Mojang's upstream API. This creates a privacy/transparency issue because users and downstream agents may unknowingly disclose player identifiers to a third party, which matters in environments with data-minimization or consent requirements.

Vague Triggers

Medium

Confidence: 97% confidence
Finding: The trigger keywords are overly broad and inconsistent with the endpoint purpose, especially generic terms like 'userinfo' and unrelated Minecraft tasks. In an agent environment, broad triggers can misfire skill selection and cause unintended API invocation, reducing reliability and potentially exposing the system to confused-deputy style behavior where the wrong capability is used for a user request.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal