Price Alert Monitor

Security checks across malware telemetry and agentic risk

Overview

This is a local price-monitor demo script that stores product links on the user's machine, but its documentation overstates real price checking and notification features.

Install only if you are comfortable with a local Python script saving your monitored product list and thresholds in ~/.price-monitor.json. Treat this version as a prototype: do not rely on its prices or email/webhook alerts unless you verify or replace the simulated price and notification code.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
86% confidence
Finding
The skill documentation exposes capabilities that imply local file access, local persistence, and outbound network communication, but it declares no permissions or user-facing consent model. This is dangerous because users and hosting platforms cannot accurately assess what data the skill can store or transmit, especially given webhook/email notification features and local monitor state storage.

Tp4

High
Category
MCP Tool Poisoning
Confidence
93% confidence
Finding
The documented behavior materially differs from the described purpose: it claims real price monitoring and notifications, but the implementation reportedly uses random simulated prices, lacks actual notification delivery, requires manual checks, and persists data locally without disclosure. This mismatch is dangerous because it misleads users about automation, accuracy, and data handling, which can cause unsafe trust decisions and undisclosed storage of product monitoring data.

Vague Triggers

Medium
Confidence
72% confidence
Finding
The trigger phrases are broad shopping-related terms without scope constraints, which can cause the skill to activate in contexts where the user did not specifically intend to run it. Unintended invocation increases the chance of unnecessary file writes, network access, or disclosure of shopping-related URLs and alert settings.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The documentation advertises webhook and email notifications but does not warn users that monitored product identifiers, URLs, thresholds, or alert events may be transmitted to external services. This omission is dangerous because users may unknowingly expose shopping activity or other metadata to third parties through SMTP or webhook endpoints.

VirusTotal

63/63 vendors flagged this skill as clean.
