osint-mcp

Security checks across malware telemetry and agentic risk

Overview

The available evidence does not show malicious behavior, but the skill’s broad trigger wording could make it run for loosely related investigation requests.

Install this only if you intentionally want an investigation or lookup helper. Use it for explicit, user-directed lookups and be careful with searches involving people, accounts, domains, or other privacy-sensitive targets.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The skill description is very broad and matches many common user intents around investigation, news, social commentary, and identifier lookups. That increases the chance the agent will invoke this skill in loosely related conversations, potentially escalating ordinary chat into OSINT collection on people, domains, or accounts without sufficiently explicit user intent or safety review.

VirusTotal

59/59 vendors flagged this skill as clean.

View on VirusTotal