Back to skill

Security audit

Nda

Security checks across malware telemetry and agentic risk

Overview

This NDA skill uses a remote document-rendering option for convenience, but it clearly discloses that confidential NDA details may be sent to Open Agreements and requires user consent before doing so.

Before using the remote MCP option, understand that NDA contents may leave your local environment and be processed by Open Agreements. For highly sensitive agreements, use the pinned local CLI option and review the generated DOCX with counsel before signing.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Description-Behavior Mismatch

Medium
Confidence
95% confidence
Finding
The workflow explicitly prefers a remote MCP service for NDA generation, which would transmit highly sensitive agreement terms and party details to an external server. Because NDAs commonly contain confidential business information and the skill metadata does not clearly disclose this external data transfer, users may unknowingly expose protected information to a third party.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The `fill_template` remote path sends selected template information and completed NDA field values to an external MCP server for document generation. In the context of an NDA skill, those values are especially sensitive, so undisclosed third-party processing creates a meaningful confidentiality and compliance risk even if the feature is functionally related to document creation.

Missing User Warnings

Low
Confidence
94% confidence
Finding
The connector documentation recommends a remote MCP service as the preferred setup but does not explicitly warn that using it may transmit contract data, party names, signatures, or other sensitive NDA contents to an external service. In the context of an NDA-drafting skill, omission of this disclosure is security-relevant because users may reasonably expect confidential legal text to stay local unless clearly told otherwise.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.