Back to skill

Security audit

Ohio State API

Security checks across malware telemetry and agentic risk

Overview

This skill coherently provides user-directed access to public Ohio State API data and does not show hidden persistence, credential access, data exfiltration, or destructive behavior.

Install only if you are comfortable running a Node-based MCP server that makes outbound requests for public OSU data. Prefer the documented OSU service/path fetch mode, run it in a normal user account, and consider updating or pinning dependencies before deploying it in a shared or long-running environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Unpinned Dependencies

Low
Category
Supply Chain
Content
"author": "",
  "license": "MIT",
  "dependencies": {
    "@modelcontextprotocol/sdk": "^1.17.1"
  },
  "devDependencies": {
    "@types/node": "^20.19.9",
Confidence
93% confidence
Finding
"@modelcontextprotocol/sdk": "^1.17.1"

Unpinned Dependencies

Low
Category
Supply Chain
Content
"@modelcontextprotocol/sdk": "^1.17.1"
  },
  "devDependencies": {
    "@types/node": "^20.19.9",
    "typescript": "^5.9.2"
  },
  "bin": {
Confidence
84% confidence
Finding
"@types/node": "^20.19.9"

Unpinned Dependencies

Low
Category
Supply Chain
Content
},
  "devDependencies": {
    "@types/node": "^20.19.9",
    "typescript": "^5.9.2"
  },
  "bin": {
    "osu-mcp-server": "build/index.js"
Confidence
84% confidence
Finding
"typescript": "^5.9.2"

Known Vulnerable Dependency: @modelcontextprotocol/sdk==1.17.1 — 3 advisory(ies): CVE-2026-25536 (@modelcontextprotocol/sdk has cross-client data leak via shared server/transport); CVE-2026-0621 (Anthropic's MCP TypeScript SDK has a ReDoS vulnerability); CVE-2025-66414 (Model Context Protocol (MCP) TypeScript SDK does not enable DNS rebinding protec)

High
Category
Supply Chain
Confidence
98% confidence
Finding
@modelcontextprotocol/sdk==1.17.1

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.